Hekkelman Programmatuur

Tips and tricks

To make life easier for anyone seriously using Salt as a terminal, I've collected some ideas here.

Certificates

Using a terminal to access multiple servers often means having to type one's password over and over to authenticate. The SSH protocol makes it possible to alleviate this by using public key authentication. Basically this means, you have a private key stored securely on your computer and use this to sign requests for access by a host computer. The public version of the private key is stored on the host computer and the host uses this public key to verify the signature. If the signature matches, the user is granted access.

Private keys can be part of so-called certificates. You can generate certificates yourself, or you can buy certificates that are issued by known certification authorities. The latter are very useful if you want to use them to sign your outgoing e-mail and set up encrypted e-mail conversations with others having their own certificates.

Since certificates are a standard, storage of them can be handled by Windows. The easiest way to obtain a certificate in Windows 7 is by creating a certificate for encrypting files using the Windows User Account control panel. Alternatively you can e.g. create a certificate using your smart card and the accompanying software.

Install a public key

Once you have your certificate you can use it for authentication with Salt. The only thing left to do is to put the public key for your certificate on the host you want to access. You do this by logging in to the host computer using your password and then choose 'Install Public Key' > 'your certificate' from the Terminal menu.

This only works if you are accessing a UNIX compatible computer with an OpenSSH server. If the server you're accessing is running OpenSSH on another kind of OS (don't know if this is possible) you can use the ssh-add -L command to print out the public key after you've logged in. You need to store it in the authorized_keys file yourself.

If the server is running a version of Tectia SSH2 server software, you should consult the documentation at Tectia for more information, e.g. the Q&A about converting an OpenSSH key into Tectia format.

Terminfo

Since Salt is now almost completely xterm compatible, you no longer need to install a custom terminfo file as was needed to fully use previous versions. However, you should make sure the TERM type in the preferences panel is set to xterm.

Alternatively you may use the VT420 emulation. Most modern OS's these days do not have default support for VT420 terminals anymore, so your best option is to use vt220.

Standalone

Salt is a standalone application. This means it does not need an installer or a privileged user in order to run. Salt does not use the registry to store settings, it creates a file called salt.cfg in the %LOCALAPPDATA%\salt directory. You can prevent this by starting salt in a directory containing a salt.cfg file.