[HamWAN PSDR] Duplicating account

Bart Kus me at bartk.us
Sun Nov 3 12:55:42 PST 2019 

DSA is deprecated, so use RSA if you're making a new key for yourself.

Yes, PuTTY will work fine, but it doesn't transfer files.  It does come 
with a command-line SCP program if you got the PuTTY suite instead of 
just putty.exe.  This is why I recommended WinSCP, as it's another 
drag-n-drop program, and it works over the SSH port, not Mikrotik's 
custom and perpetually-exploitable Winbox protocol.

Good luck!

--Bart


On 11/3/2019 12:53 PM, Ric Merry wrote:
> Thanks Bart.
> I'm doing my homework on these things rather than just asking the 
> questions. (that's a good thing for all of us)
> I plan on using the drag and drop method, I have PuTTY from work with 
> Pi-Star, is that a recommended SSH program?
> The majority of the files I see are using rsa versus dsa encryption. I 
> researched the difference but I'm not sure what's best in my case as a 
> client or if it really makes a difference.
>
>
> On Sun, Nov 3, 2019 at 9:55 AM Bart Kus <me at bartk.us 
> <mailto:me at bartk.us>> wrote:
>
>     Most of the settings are not bound to your account, they're bound
>     to the modem itself. Creating a new account should be as simple as:
>
>     /user add group=full name=<NAME> password=<PASSWORD>
>
>     If you want to add SSH key-authentication to the account, you'll
>     need to put the key file on the modem first, via
>
>     /tool fetch url="https://some.website/your.key"
>     <https://some.website/your.key>
>
>     or use scp <https://winscp.net/eng/download.php> to copy it, or
>     use winbox to drag and drop the file into the modem's "File" section.
>
>     Once the file is there, you associate it with your account like so:
>
>     /user ssh-keys import user=<NAME> public-key-file=<KEY_FILENAME>
>
>     When your account has a key authentication method like this,
>     password authentication for SSH is disabled. However, you can
>     override that and preserve password auth by setting:
>
>     /ip ssh set always-allow-password-login=yes
>
>     Once your new account is verified to work, you can erase the admin
>     account:
>
>     /user remove admin
>
>     --Bart
>
>
>     On 11/2/2019 9:08 PM, Ric Merry wrote:
>>     Is there a simple way to duplicate my account/credentials with
>>     current settings but a different user name.
>>     I don't want to start over at step 1.
>>     Thanks
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.hamwan.net/pipermail/psdr/attachments/20191103/9509ca9d/attachment.html>

More information about the PSDR mailing list