SSH
ssh public key auth
- generate key:
ssh-keygen - copy ssh key to remote:
- windows:
type $env:{userProfile}\.ssh\id_rsa.pub | ssh -p{port} {user@serverAddress} "cat >> .ssh/authorized_keys" - linux:
ssh-copy-id -i {userHome}/.ssh/id_rsa.pub -p{port} {user@serverAddress}
- windows:
- try login:
ssh -p{port} {user@serverAddress}
workflow
add your key to a single server
-
create keys
- on linux use
ssh-keygen -t rsa -b 4096 -C "{name or mail}" - create a public/private RSA key
- use a passphrase
- identification / private key:
~/.ssh/id_rsa - public key:
~/.ssh/id_rsa.pub
- on linux use
-
copy ssh key to remote:
- windows:
type $env:{userProfile}\.ssh\id_rsa.pub | ssh -p{port} {user@serverAddress} "cat >> .ssh/authorized_keys" - linux:
ssh-copy-id -i {userHome}/.ssh/id_rsa.pub -p{port} {user@serverAddress}
- windows:
-
try login:
ssh -p{port} {user@serverAddress}
ssh basics
keys
generating using openSSH
-
ssh-keygen -t rsa -b 4096 -C "{name or mail}"-
-t rsa -
-b 4096 -
-C "{name or mail}
-
-
save your public key, private key and passphrase on a save place
upload key
-
ssh-copy-id -i ~/.ssh/id_rsa -p222 user@host-
-i ~/.ssh/id_rsa -
-p222 -
user@host
-
-
windows:
type $env:USERPROFILE\.ssh\id_rsa.pub | ssh {IP-ADDRESS-OR-FQDN} "cat >> .ssh/authorized_keys"
files
server side
config file
parts of /etc/ssh/sshd_config:
Port = 22 # self explaining
PermitRootLogin = no # should be 'no'
PasswordAuthentication no # disallow Username-Password login
authorized_keys
https://www.ssh.com/academy/ssh/authorized-keys-file https://www.ssh.com/academy/ssh/authorized-keys-openssh
- server side
- list of pub keys
client side
config (client side)
-
before client config:
ssh john@dev.example.com -p 2322 -
edit client config
~/.ssh/config:Host devNetcup HostName dev.example.com User john Host *Netcup Port 222 Host * ForwardAgent yes -
after client config:
ssh dev