 opensolaris.org SSH key help
The polling and source code management systems on opensolaris.org are
SSH-based. That means to use these services, a user needs to have an
SSH key pair and share the public key with opensolaris.org.
1. Generating a key pair
On an OpenSolaris-based system, a key pair can be generated using the
ssh-keygen(1) command. It is recommended that keys contain
at least 1024 bits, and be protected with a password of at least
8 characters, containing both lower- and uppercase letters, and 2 or
more non-letters. A sample invocation and output of the
ssh-keygen(1) command to generate these keys would
be:
$ ssh-keygen -b 1024 -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/export/home/member//.ssh/id_dsa):
Created directory '/export/home/member//.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /export/home/member//.ssh/id_dsa.
Your public key has been saved in /export/home/member//.ssh/id_dsa.pub.
The key fingerprint is:
3e:f4:f8:c4:39:91:53:67:78:88:56:e7:8c:c5:39:37 member@rampage
As you can see from the output above, this command asks you for a filename
within the .ssh directory to save your keys in, along with a password. The public key will be in a file called id_dsa.pub,
while the private key will be in id_dsa. (You may also use
the -f option to ssh-keygen to generate your keys at a
different location.) In this example, the public key looks like the following -
$ cat .ssh/id_dsa.pub
ssh-dss AAAAB3NzaC1kc3MAAACBAKVifmgpyGYg8OteHL2d1uzlW4CU3CJxVW91aNl70aeMfTW/7cMCi+1ZYsTigaKClchVN3fcOPNyo4EGQ0Elq40JolgxFvuHBmfOlJZGBrSrzm2DCpnd2JvEkgXjHGayCCpVRfKDuB+Axa30ct2VmZbBeZd3hW25yhlz1HDqjQ3xAAAAFQDLYUqSv1nSxEw9EqQn9G++FD6VxwAAAIEAkjFxCj9+ra6movzxu/+h2HYkFsbO/4dOWS/HJ2z64y9ZDtPy2td+4GWRSPCA8HJmlqM/uyLFeGgaxBglZ6TUxcZK9JiKzidRM5oEXczlcAG2ewIbOqal1AyZKbboDlCKvd6n6LPRWXVOtxUThABeSUFOXqCXrlJVfz4uEPjiB6QAAACAakET3IxNNNqxVghUt5rzI4lAWIu2V0OgVT9k/+CutdjEfCNCbTf9ZJTxBix3QwD/T1yNgaJ3sY1of42tZBok2AVbcTq+OqW0H/0E96E6a+qNm9P4RwX5z3BQxQT/88A46QqKI+rGZGH6OPn58X2wPGmhwyuMKPV0I5ymBxWcPjI= member@rampage
This is the key you will need to upload to opensolaris.org.
2. Sharing the public key with opensolaris.org
Once created, user public keys are submitted via the user's "Update Profile" page. First of all, make sure you are signed into the website with your
user id. If you are not, click on the "Sign in" link.
Having signed in, now click on the "member (OpenSolaris Contributor)" link
in the top right corner of the page
Then click on the "Update Profile" link
The fields for entering SSH keys will be on the presented page
(along with other profile details).
If you used the above ssh-keygen command, then set the
Key Type to DSA. Give the key a useful description, like "Work",
"Laptop", or some other appropriate label. Finally, paste the
contents of the id_dsa.pub file (or whatever file
contains the public key) into the Key field. A particularly easy way
to paste your public key into the Update Profile form is to bring up a
second browser window with the id_dsa.pub file, via a URL
like
file:///export/home/member/.ssh/id_dsa.pub
and select and
copy the entire line to the clipboard, and finally paste into the Key
field. Pasting operations between terminal windows and browsers are
likely to be very frustrating, with inappropriate wrapping and
whitespace insertion.
A key update takes up to five minutes to propagate to the polling system.
Bug!! The SSH public key submission check is too
zealous, and will reject keys with trailing whitespace. If you're
having trouble submitting a key, please check that there isn't extra
data, spaces, or carriage returns in the field. If you're stuck,
contact us on website-discuss; if you're really
stuck, mail your public key(s) to key-submissions AT
opensolaris DOT org, and we'll get them into the proper
place.
|