Understanding SSH Keys

What Are SSH Keys?

As opposed to the usual username and password authentication method, you can establish an SSH connection using a method that is known as SSH key-based authentication.

SSH keys are considered an extremely secure way of logging into your device/server, and is often the recommended way to establish all SSH connections as opposed to username and password authentication.

SSH keys come in pairs (private & public). The private key remains a secret to the client (i.e. the computer you use to initiate an SSH connection). This private key is considered the most vital, as any access to a private key can compromise your device and allow attackers to log in over SSH.

As opposed to your private key, your public key can be shared freely as only your private key can decrypt messages sent over SSH using said public key. This public key is uploaded to the device you wish to access via SSH and is stored in a specific file within the home directory of the user you wish to log in as.

How a Secure Connection is Formed

When we attempt to log into our device over SSH, using key-based authentication, the remote device will respond with a message which the SSH client (our computer/laptop we are using to initiate an SSH connection) must encrypt using its locally stored private key.

The client then responds with this encrypted message, which the remote device will then attempt to decrypt using one of the public keys originally uploaded in the setup procedure.

If the remote device successfully decrypts the message (I.e., if the original message matches the decrypted message), then an SSH connection is authenticated.

Understanding this connection method really shows how vital it is to safely secure your private SSH key.

Creating a Private & Public Key

It is worth noting at this point, that the command to generate a private & public key-pair exists on Linux/Mac computers by default (or at least after installing the OpenSSH libraries). Windows users will need to download a program such as Git and expose it’s commands on the system path.

The command to generate a key-pair is

> ssh-keygen

Upon entering this in the command prompt/terminal (on the local client), you will be asked to enter a location to save the keys. By default, this command creates two files, id_rsa and id_rsa.pub in the .ssh folder found in the home directory of the currently logged in user. For example:

~/.ssh/id_rsa 

~/.ssh/id_rsa.pub

You can simply click enter at this point, to save in the default location (recommended).

If you wish to encrypt the keys on disk (recommended) you can do so now. If you do not wish to enter a passphrase, simply leave it blank and hit enter.

Uploading Your Public Key to Remote Device

Now that we have our private and public key-pair stored on our client, we are ready to upload our public key to the special file which stores all accepted public keys on the remote device. It is important to note, that the location is stored in the .ssh folder in the home directory of the user.

For example, if we want to log in as the user “bob” but we upload our public key to the user “brian” then we won’t be able to initiate an ssh connection via bob@<remoteIP>, but we would be able to via brian@<remoteIP> .

So, first things first is to get the contents of your public key (on the local client). This can be done by cat’ing your public key to the terminal via:

> cat ~/.ssh/id_rsa.pub

You will see a massively long string (key based authentication is very secure!). You simply need to copy all of this output.

Now on your remote device, log into the account of the user you wish to log in via SSH as and append your public key by entering the following in the command prompt:

> echo your_public_key >> ~/.ssh/authorized_keys

Where “your_public_key” is the contents of the file you originally copied.

NOTE: You may have to ensure your SSH directory exists if you have not set this up before. You can do this simply by entering the following (safe to do, if the directory already exists)

> mkdir –p ~/.ssh

Log in via Key-based SSH

With your public key uploaded to the remote device, we can now go back to our local client. We can attempt to initiate an ssh key-based connection by entering the following

> ssh username@<remoteIP>

If you entered a passphrase for your private key file, you will be prompted to enter that passphrase now. Otherwise your connection will be established.

If you wish to disable password authentication (I.e. a less secure authentication method), you can do so by entering the following on the remote device

> sudo nano /etc/ssh/sshd_config

Ensure the following line exists and not commented out (via a # symbol)

PasswordAuthentication no

Finally press ctrl + X to exit the file and “Y” to confirm changes.

You will then need to restart the machine.

How to Debug a C++ Maya Plugin Using Visual Studio

Introduction

This post is not about creating a C++ Maya plugin, it is aimed at setting up debugging in Visual Studio for the plugin.

note: If you see the word “MayaMorph” in this post, it is because the project I am building is morphing between two geometric meshes. If you are interested there is more info on my website https://nickcullen.net.

Project Setup

We start off in Visual Studio. Open up your Maya plugin solution.

  • 1. Right click your plugins project properties

    Opening Visual Studio Project Properties Example
    Opening Visual Studio Project Properties Example
  • 2. Under Configuration Properties -> Debugging set the "Debugger to launch" option to "Local Windows Debugger".
Debugging Options Configuration Wiindow
Debugging Options Configuration Wiindow
  • 3. In the "Remote Command" entry, you want to put the full path (including extension) to the maya executable. For example my Maya is located at "C:\Program Files\Autodesk\Maya2016\bin\maya.exe" (Yours may be different!).

A handy trick to get the the full path to a file on your windows machine is to hold shift + right click on the executable, then click “Copy as Path“. You can simply paste the value into “Remote Command” removing any quotation marks.

  • 4. Set the "Attach" value to "Yes". This option attempts to attach the debugger to an already running Maya instance. Without this, it will launch Maya every time you launch the debugger.

Your values should look similar to these:

Values of set debugging properties
Values of set debugging properties

Your debugger is all set up.

If you haven’t done so yet, set some breakpoints and open Maya. Don’t run the debugger until Maya is fully open.

Debugging Maya Plugin

Once Maya is fully open, plugin compiled and loaded you can attach the debugger.

1. Click the "Local Windows Debugger" option at the top or simply hit F5
Selecting the debugger to run example
Selecting the debugger to run

Once you execute your plugin from within Maya, you should hit one of your break points like so.

Hitting a breakpoint example
Hitting a Breakpoint

Happy debugging!