Storage Box SSH Keys #
SSH key authentication for Storage Boxes #
If you use SCP, SFTP, rsync or BorgBackup, you can log in using SSH key authentication without entering a password.
Depending on the SSH port of the Backup account/Storage Box you use, you may need to use a specific format for the public SSH key. The following keys are supported:
|Standard OpenSSH Format
|RSA, ECDSA, ED25519
If you want to use the services over both ports, then you must store the public SSH key in both formats (RFC4716 and OpenSSH format) in the
.ssh/authorized_keys file. Please note that a new line should be at the end of the file.
Each sub-account requires its own authorized_keys file in the sub-account’s directory.
Generating SSH keys #
You can use ssh-keygen to generate a new pair of SSH keys:
Warning: With the default settings, using ssh-keygen will overwrite an existing SSH key! As an alternative, with the parameter
-f, you can specify a different file path.
Please activate the SSH service of your Storage Box within Robot. Afterwards you can upload your public key with the following command for both Storage Box ports:
After this you can use the public SSH key to login without a password.
You can also upload your key manually. Therefor please use the following guides:
Extended SSH Service on Port 23 (SFTP/Rsync/BorgBackup) #
Port 23 uses the one-line OpenSSH format of the public key.
Upload with ssh-copy-id (OpenSSH 8.5+) #
You can use
ssh-copy-id to upload the new key:
Upload without ssh-copy-id / Manually #
If you have an older OpenSSH client software, you can upload the public key also manual:
SSH Service on Port 22 (SFTP) #
For the SSH service on port 22, you must convert your public key into the RFC4716 format and then upload it.
Converting your key to RFC4716 format #
To convert the public SSH key into the correct format, enter the following command:
ssh-keygen -e -f .ssh/id_rsa.pub > .ssh/id_rsa_rfc.pub
The public SSH key should now look like the one below:
Now upload the created file:
Depending on which SSH key format you have uploaded, you should be able to log in without a password on port 22 and/or 23: