Shopping Cart
There are no more items in your cart
- News
- 1 likes
- 1014 views
- 0 comments
SSH keys for remote commands execution on Mikrotik Routerboard
Firstly we need to add user to the Mikrotik (we don't reccommand using admin account, unless you are absolutelky sure that your private key is in very secure place, for obvious reasons)
Run on MT the following command:
[admin@1200] > /user add name=sshuser password=XXXY group=read
On PC we need to generate a paid of DS keys:
On PC we need to generate a paid of DS keys:
$ ssh-keygen -t dsa
it will create tow files in home directory:
adam@i5d:~/.ssh$ ls -la
drwx------ 2 adam adam 4096 Aug 1 11:18 .
drwxr-xr-x 63 adam adam 12288 Aug 1 13:26 ..
-rw------- 1 adam adam 668 Aug 1 11:18 id_dsa
-rw-r--r-- 1 adam adam 598 Aug 1 11:18 id_dsa.pub
The id_dsa is the private key, keep it secure! The id_dsa.pub is the public key, we need to upload it to the MT via FTP (use Filezilla)
On MT:
[admin@1200] > /user ssh-keys import file=id_dsa.pub
it will prompt for user:
user: sshuser
All Done. You’ve created a key pair and imported the public key into Mikrotik. You can start running commands from your remote machine without using the password.
Example (it will display the resources of Routerboard):
$ ssh sshuser@192.168.90.254 /system resource print
it will create tow files in home directory:
adam@i5d:~/.ssh$ ls -la
drwx------ 2 adam adam 4096 Aug 1 11:18 .
drwxr-xr-x 63 adam adam 12288 Aug 1 13:26 ..
-rw------- 1 adam adam 668 Aug 1 11:18 id_dsa
-rw-r--r-- 1 adam adam 598 Aug 1 11:18 id_dsa.pub
The id_dsa is the private key, keep it secure! The id_dsa.pub is the public key, we need to upload it to the MT via FTP (use Filezilla)
On MT:
[admin@1200] > /user ssh-keys import file=id_dsa.pub
it will prompt for user:
user: sshuser
All Done. You’ve created a key pair and imported the public key into Mikrotik. You can start running commands from your remote machine without using the password.
Example (it will display the resources of Routerboard):
$ ssh sshuser@192.168.90.254 /system resource print
Comments (0)