RSA authentication is convenient in that it allows access to many systems without having to mess with passwords. This type of authentication is also necessary to execute a remote “Unix” command from within an Eggplant script.
Note: The remote system must have ssh installed and sshd running with RSA authentication enabled. Contact your system’s admin if you don’t have sufficient privileges to set that up.
Steps for RSA authentication setup:
1.) On the Eggplant machine create a RSA key using the ssh-keygen utility from within a terminal window. You can open a terminal window from the “Utilities” folder under the “Go” menu of the “Finder”.
$ ssh-keygen �t rsa
2.) When prompted to enter a file for which this key will be saved in, type �./ssh/identity� to indicate that the key should be created under the .ssh directory. You will be asked to supply a passphrase. Press the return key to elect no passphrase. After doing this, a directory listing of ~/.ssh should look like:
-rw------- 1 eggplant eggplant 528 Aug 4 21:37 identity -rw-r--r-- 1 eggplant eggplant 332 Aug 4 21:03 identity.pub -rw-r--r-- 1 eggplant eggplant 28106 Jul 26 16:52 known_hosts
3.) Copy the public key, identity.pub, to the hosts you wish to access remotely. You can accomplish this with scp. You may also want to name the key to indicate your present host. For example, you might name a key after your eggplant machine “eggplant.ssh”.
$ scp .ssh/identity.pub email@example.com:./.ssh/eggplant.ssh
4.) To enable RSA authentication you will need to add the new host key file (�eggplant.ssh�) to the authorized_keys (.ssh/authorized_keys) file on your remote host.
$ cat eggplant.ssh >> .ssh/authorized_keys
Check the permissions of .ssh/authorized_keys, it must have the appropriate permissions enabled (shown below) or you won’t be able to use RSA authentication:
-rw-r--r-- 1 solaris solaris 334 Aug 4 21:03 authorized_keys
You should now be all set. You can test this by logging out of the remote server and connecting via ssh:
$ ssh remote-user@remote-host
If done correctly you won’t need a remote password to connect to the host. If you are prompted for a password, or your connection is refused, something is wrong.
For more information consult the documentation for the following: ssh, ssh-keygen, sshd
For SenseTalk specific syntax your inline command might look like this:
shell(<<ssh>>) or put shell(<<ssh>>) into someVar