...
When prompted with the question "Enter file in which to save the key (/home/username/.ssh/id_ed25519):" you can either just press enter or change the name to, for example:
/home/username/.ssh/id_ed25519_transfer)
...
| Volet |
|---|
| id_ed25519_transfer # private key - never share!!! id_ed25519_transfer.pub # public key |
Upload your private SSH key to the CCDB
Log in on the following CCDB web site:
https://ccdb.alliancecan.ca/ssh_authorized_keys
Paste your public SSH key (the content of the file ending on *.pub) in the field indicated. Then precede what you just pasted by:
| Volet |
|---|
| restrict,from="IP_address",command="command" |
Where "IP_address" is the IP address from which you want to connect and "command" is the command you would like to execute. The Alliance already provides a number of wrapper scripts which allow common actions. Have a look at their wiki: Automation in the context of multifactor authentication under "Convenience wrapper scripts to use for command=".
For example, if you want to do automated transfers from Narval to UQAM or vice versa, you should put something like:
| Volet |
|---|
restrict,from="132.208.147.*",command="/cvmfs/soft.computecanada.ca/custom/bin/computecanada/allowed_commands/transfer_commands.sh" full_content_of_public_SSH_key |