[HamWAN PSDR] Duplicating account
me at bartk.us
Sun Nov 3 12:55:42 PST 2019
DSA is deprecated, so use RSA if you're making a new key for yourself.
Yes, PuTTY will work fine, but it doesn't transfer files. It does come
with a command-line SCP program if you got the PuTTY suite instead of
just putty.exe. This is why I recommended WinSCP, as it's another
drag-n-drop program, and it works over the SSH port, not Mikrotik's
custom and perpetually-exploitable Winbox protocol.
On 11/3/2019 12:53 PM, Ric Merry wrote:
> Thanks Bart.
> I'm doing my homework on these things rather than just asking the
> questions. (that's a good thing for all of us)
> I plan on using the drag and drop method, I have PuTTY from work with
> Pi-Star, is that a recommended SSH program?
> The majority of the files I see are using rsa versus dsa encryption. I
> researched the difference but I'm not sure what's best in my case as a
> client or if it really makes a difference.
> On Sun, Nov 3, 2019 at 9:55 AM Bart Kus <me at bartk.us
> <mailto:me at bartk.us>> wrote:
> Most of the settings are not bound to your account, they're bound
> to the modem itself. Creating a new account should be as simple as:
> /user add group=full name=<NAME> password=<PASSWORD>
> If you want to add SSH key-authentication to the account, you'll
> need to put the key file on the modem first, via
> /tool fetch url="https://some.website/your.key"
> or use scp <https://winscp.net/eng/download.php> to copy it, or
> use winbox to drag and drop the file into the modem's "File" section.
> Once the file is there, you associate it with your account like so:
> /user ssh-keys import user=<NAME> public-key-file=<KEY_FILENAME>
> When your account has a key authentication method like this,
> password authentication for SSH is disabled. However, you can
> override that and preserve password auth by setting:
> /ip ssh set always-allow-password-login=yes
> Once your new account is verified to work, you can erase the admin
> /user remove admin
> On 11/2/2019 9:08 PM, Ric Merry wrote:
>> Is there a simple way to duplicate my account/credentials with
>> current settings but a different user name.
>> I don't want to start over at step 1.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the PSDR