Keyz (20 pts)

Problem Description: While webshells are nice, it'd be nice to be able to login directly. To do so, please add your own public key to ~/.ssh/authorized_keys, using the webshell. Make sure to copy it correctly! The key is in the ssh banner, displayed when you login remotely with ssh, to shell2017.picoctf.com

Write-up: To do so, you'd first want to generate an SSH key.

ssh-keygen

You can do set it up with all the defaults.

ssh-keygenwill generate two files in your ~/.ssh folder, id_rsa and id___rsa.pub. The first one is your private key, which you keep to yourself, and the latter is your public key which you will paste inside the web shell. Depending on your operating system, the paste command will vary. For macOS the command is pbcopy . I use linux though, so I ran:

cat ~/.ssh/id_rsa.pub

I copied the output, pasted it in the web shell, and logged in from my desktop terminal:

There's your flag.