Managing multiple SSH key pairs for the same User


  • Managing multiple SSH key pairs for the same User

    I am at a new client and they already have ssh (SFTP) running, which was set up over 10 years ago. So they currently use a user profile which is set up to run all of their scheduled jobs, User Profile "Robot" for example. Now they want to set up a new SFTP connection to a new Linux server and the Linux admin would like an RSA 2048 key, but we (i5) currently only have a 1024 RSA key for the Robot user.

    So, my question is, everything I look up all deals with first-time setup of SFTP on the i5, but not really much on setting up additional connections that may need different key types. Is there any information that someone can explain or point me to a link? Even when I try to look up just openssh, I can't find much about this topic.

    I know the known_hosts file will have the IP and the public key of the ssh server, but for the public/private key authentication will the connection then know to try to match the specific public key I sent them to my matching private key, or will it try only the first key in the .ssh folder, or will it try to match against every private key in the .ssh folder?

    I know I can probably set up another user profile and then use an API to switch to the other user profile for a different key authentication, but where is the information about managing multiple SFTP connections, keys and different users?

    I could go on with more questions, like what is the relevance/application use of that fingerprint box when you use ssh to connect for the first time to create the known_hosts entry?
    But in general I'm looking for the multiple/different connection/user/key information.

    Thanks!
    Last edited by aidan2474; April 3, 2020, 10:39 AM.
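
    How the OpenSSH client chooses a key per destination, as an added example that is not part of the original post. The host aliases, host names, remote user and key file names are hypothetical, and it assumes the stock OpenSSH client reading the job user's ~/.ssh/config.

```sshconfig
# ~/.ssh/config for the user profile that runs the transfers (constructed example).
#
# Without a config, the OpenSSH client offers keys held by ssh-agent and then
# the default identity files (~/.ssh/id_rsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519, ...).
# It does not scan every file in ~/.ssh. known_hosts plays no part in choosing
# a client key: it only records the host keys of servers.

# Existing partner: keeps using the original 1024-bit key.
Host legacy-partner
    # Hypothetical host name and remote user
    HostName sftp.legacy.example.com
    User robot
    IdentityFile ~/.ssh/id_rsa
    # Offer only the IdentityFile above, not agent keys or other defaults
    IdentitiesOnly yes

# New Linux server: uses a separate 2048-bit key, created beforehand with e.g.
#   ssh-keygen -t rsa -b 2048 -f ~/.ssh/id_rsa_2048_newlinux
# Only id_rsa_2048_newlinux.pub goes to the Linux admin for authorized_keys;
# the private key file stays on the client, readable by its owner only.
Host new-linux
    # Hypothetical host name and remote user
    HostName sftp.newlinux.example.com
    User robot
    IdentityFile ~/.ssh/id_rsa_2048_newlinux
    IdentitiesOnly yes
```

    With this in place, `sftp new-linux` offers only the 2048-bit key, and the server accepts it if the matching public key is in that account's authorized_keys. A one-off alternative is `sftp -i <keyfile> user@host`, which names the identity file on the command line.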

  • #2
    I'm sorry this won't answer your question directly...

    This post helps remind me that, though we can build custom applications to do generic operations... it is mostly if not always better to follow
    the "Buy not build" philosophy. This holds especially true for FTP. Please reach out to Richard at Arpeggio Software for their solution to FTP/SFTP/FTPS.
    Not only is their software the most cost effective, I've found, it too is easy to use. I don't know what your buying power is at your current position,
    but I would recommend in this case you buy. Let Richard worry about when your next customer asks for a 4096 RSA key.
    Cost on or about 2k per year... depending on if Richard likes you or not!
    All my answers were extracted from the "Big Dummy's Guide to the As400"
    and I take no responsibility for any of them.

    www.code400.com



    • #3
      You are correct with your initial declaration, as I am in NO position to buy anything, I am still not much better off. But I do thank you for your response.
