Passwords and RSA Keys
Learn about authentication in Couchdrop
Authentication in Couchdrop comes in two flavours. Password based authentication, and for SFTP and SCP, RSA based authentication. Couchdrop has extensive support for both, and users can self manage keys and passwords if granted access to the Couchdrop Web App.
Most of the options here are only relevant for SFTP and SCP based authentication. The web interface does not support key based authentication.
Password only authentication
Password only authentication is the default setting for Couchdrop. When a user is first configured, they will need to provide a secure password that is used to login to both the web app and the SFTP and SCP server.
Passwords can be managed and changed by an administrator and the user themselves.
All users, regardless of key settings, need a password to be configured.
RSA (and others) key based authentication
Couchdrop supports standard key based authentication for SFTP and SCP. Key based authentication requires a private key and a public key. The public key is shared with Couchdrop and the private key remains a secret.
Keys can be re-used across multiple users and are configurable under Administration --> Users --> RSA Public Keys
Supported Key Types
We support the following key types.
RSA
The most common key type - by far. RSA keys are considered secure and have stood the test of time.
DSA
The precursor to RSA. Using DSA keys is generally frowned upon, but well supported in Couchdrop
ECDSA
The newest kid on the block.
Generating a new key
Creating a new key is not something that we facilitate inside Couchdrop. This is to ensure that Couchdrop is never the holder (even by accident) of SSH private keys. Not to worry, creating a key pair is simple.
On a Mac, Linux Box or any other Unix Server:
From a console:
This will generate two files.
abc
abc.pub
The abc.pub file is what we need.
Open the file and copy it to Couchdrop: The file will look something like this:
Never share your private key. It's safe to share the public key, but not the private key.
Adding the public key to Couchdrop
Arguably the easiest step in the process.
Login to Couchdrop
Navigate to the user Administration --> Users --> User --> RSA Public Keys
Paste the public key into the field and click add.
You can add as many keys to a user account as you like. We don't judge.
Password and Key Authentication
For additional security, some clients support requiring both a key and a password for successful authentication. Couchdrop supports this out of the box and this can be enforced by toggling the option: Require Password and Public Key
Last updated