-
Notifications
You must be signed in to change notification settings - Fork 40
External Command: ssh
When you are trying to connect to a remote machine via ssh, it will prompt you for authentication.
Normally, there are several ways to do the authentication:
Authentication via public key is always tried first.
ssh authentication via public key has two advantages:
- it is securer;
- it won't bother you in later connections once authorized.
It needs the following steps to make it ready:
a) Generate a key pair
First, you need to generate a key pair via command ssh-keygen:
ssh-keygen -t rsa
this generates a key pair of type rsa. During the command, it will ask you for the location of the outcome, press enter to use the default one; then it will ask for the passphrase, just click OK to leave it empty. (If you provide non-empty passphrase during the key pair generation, ssh will ask you for this passphrase in later connections. It is not the user password, rather, ssh needs it to decrypt the key pair. You may consider this as an enhanced layer of security.)
The generated key pair is situated in directory ~/.ssh/. The file id_rsa contains the private key, while id_rsa.pub contains the public key.
b) Make the public key in position
After you have the key pair, you need to make your public key (NOT the private key!!!) known to the remote host.
On the remote machine to which you want to connect, find ssh config file authorized_keys (it usually lies in directory ~/.ssh/, create a new one if it doesn't exist). Then append the content of the generated public key file id_rsa.pub to this file.
If the remote host supports authorization via user password, here is a shortcut way to deploy your public key to it:
cat id_rsa.pub | ssh user@host 'cat >> ~/.ssh/authorized_keys'
This command appends the content of the public key directly to the remote host's ssh config file via a pipe.
Now, the ssh authentication key is set up between iVim and the remote machine.
The public key authentication may fail due to the following reason:
- you don't have the key pair;
- the remote host doesn't support public key authentication;
- the remote host doesn't know your public key.
If this happens, ssh will try to authenticate via a password (available since iVim 2.24).
Compared with the public key authentication:
- it doesn't need the remote host beforehand configuration, so it is very good for a temporary connection;
- it needs to provide the password for every and each connection, not so convenient or secure;
Since the default user name on iVim is mobile, it doesn't work most of the time when you specify the destination of ssh without a user name. Instead, you may need to provide the user name explicitly:
ssh user@host
The user is the user name who is authorized on the machine host you are connecting to.
You can also specify a custom port in the host address:
ssh user@host:2345