5

I'd like to set ssh key on webmin.

I already have keys to use for many servers.

Normally in CLI, I just paste my id_rsa.pub to server server:/whitebear/.ssh/

Where can I set this on webmin interface?

Yaron
  • 724
  • 2
  • 7
  • 14
whitebear
  • 655
  • 4
  • 12
  • 26

2 Answers2

5

webmin documents - ssh server section

enter image description here

All SSH implementations have options related to how clients authenticate and the messages displayed to them after login. Specifically, you can permit or deny authentication by username and password or username and certificate, stop the root user logging in, and control if rlogin-style .rhosts files are trusted. The exact options differ quite a lot between SSH versions though, so what is possible with OpenSSH may not be if you are running the commercial SSH server.

To edit authentication settings, the steps to follow are:

  • Click on the Authentication icon on the module's main page to bring up a form like the one shown below.

  • To save and activate your new authentication settings, hit the Save button at the bottom of the form followed by Apply Changes on the main page.

enter image description here

Before a Unix user can use certificate authentication to login to an SSH server, he must generate a private key with the ssh-keygen command. This module can be configured to work with the Users and Groups module to run this command for all newly created users. If your network uses NFS-mounted home directories, this will allow new users to login to other hosts without needing to supply a password with no further setup needed. To configure the setup of SSH for new users, follow these steps:

  1. On the module's main page, click on the User SSH Key Setup icon.
  2. Check the Setup SSH key for new Unix users checkbox, so that ssh-keygen will be run for new accounts.
  3. To have the new user's public key added to the list of keys that are authorized to use his account, check the Copy new identify.pub to authorized_keys box. If it is not selected, they will need to do this manually before authentication with their new certificate will be accepted.
  4. To set a passphrase for new users' private keys, check the Use password as key passphrase box. If it is left unchecked, no passphrase will be set (which is more user-friendly, but less secure).
  5. Click the Save button to have Webmin start using your new settings.
Yaron
  • 724
  • 2
  • 7
  • 14
  • 2
    I followed these instructions and the .ssh folder with keys is not appearing in the new user's homefolder the same way it does with ssh-keygen so maybe another setting needs enabled for this module to be notified a user is being created so it can work. Version 1.940-2 – malhal Jan 02 '20 at 11:22
  • @malhal did you work this out ?? i just tried enabling this feature, and creating a linux user and no keys were generated – Hayden Thring Sep 15 '22 at 01:14
  • I found out for me in debian 9 "key type" had to be set to rsa not auto for this to work, but in debian 11 nothing worked so far. – Hayden Thring Sep 15 '22 at 02:22
  • This is all fine and dandy for new users, but what about already existing users? how can they create ssh keys? how can root? – nonhocapito Jan 07 '23 at 20:28
1

Use the command shell within Webmin

You can append a key manually to the authorized_keys from the command shell from within Webmin.

On the machine that needs access, get the public key (and copy it)

cat ~/.ssh/id_ed25519.pub

In Webmin, open a command shell (CTRL+K or click in the left menu on the console image)

Image - Location of the command shell in Webmin menu

IMPORTANT: use two '>>' chars for appending! (one is to overwrite!) Image - command shell example

echo 'ssh-MYPUBLICKEYCHANGETHIS' >> /home/MYUSERNAME/.ssh/authorized_keys

Now you can login from the other machine

ssh MYUSERNAME@myhostname
Roel
  • 111
  • 1