Wednesday, June 24, 2020

SSH public/private key

The key in your hand is the private key; the door lock itself is the public key.

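Generating a key pair:

ssh-keygen -t rsa -b 4096 -f ~/.ssh/github1 -C "my@mail.com"
-t: key algorithm (rsa)
-b: key size in bits (4096 in the command above)
-f: output file for the private key (the public key is written next to it with a .pub suffix)
-C: comment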

Upload the key to your server

Once an SSH key has been created, the ssh-copy-id command can be used to install it as an authorized key on the server.
First, on the server, make user1 the owner of the ~/.ssh folder.
 mg@node2:~$ sudo mkdir -p /home/user1/.ssh
 mg@node2:~$ sudo chown -R user1:users /home/user1/.ssh/
 mg@node2:~$ sudo chmod -R 700 /home/user1/.ssh/
 mg@node2:~$ ls -al /home/user1
From the client system (Git Bash):

$ ssh-copy-id -i /c/Users/Rita/On...ve/P...ming/SSH/xkeyx.pub user1@113.15.51.51
(Enter the password if required.) After a successful install, it will show the message below.

Once key-based login is confirmed to work, disable password authentication inside the /etc/ssh/sshd_config file:
sudo vi /etc/ssh/sshd_config
      -> PasswordAuthentication no
sudo service sshd restart
[
(ssh-copy-id for another user: https://measure9.varkel.net/2017/09/ssh-copy-id-key-to-other-user-than-yourself/)
cat ~/.ssh/node2.pub | ssh -i ~/.ssh/node2 mg@192.168.10.115 sudo tee -a /home/life110volts/.ssh/authorized_keys
(or from a Windows PC; note that scp overwrites any existing authorized_keys file on the server)
scp C:\Users\MyUserName\.ssh\id_rsa.pub example_user@203.0.113.100:~/.ssh/authorized_keys
]
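
The upload step above, as an added example that is not part of the original post: a hypothetical install_pubkey function, run on the server, that appends a public key to authorized_keys instead of overwriting it, skips keys that are already present, and sets the 700/600 permissions. The function name, its arguments and the sample key are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. install_pubkey is a hypothetical
# helper: install_pubkey <public-key-file> <target-home> [owner]
install_pubkey() {
    pub=$1
    dir=$2/.ssh
    auth=$dir/authorized_keys

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }

    # A private key must never be copied to the server.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "$pub looks like a private key, refusing" >&2
        return 2
    fi

    # Accept a single "type base64 [comment]" line (rsa, ed25519, ecdsa).
    key=$(grep -E '^(ssh-(rsa|ed25519)|ecdsa-sha2-[a-z0-9-]+) [A-Za-z0-9+/=]+' "$pub" | head -n 1)
    [ -n "$key" ] || { echo "no public key line in $pub" >&2; return 3; }
    blob=$(printf '%s\n' "$key" | awk '{print $2}')

    # sshd's default StrictModes ignores keys when these are writable by others.
    mkdir -p "$dir" && chmod 700 "$dir" || return 4
    touch "$auth" && chmod 600 "$auth" || return 4

    # Append (never overwrite), and only if this key blob is not already listed.
    if ! grep -qF -- "$blob" "$auth"; then
        printf '%s\n' "$key" >> "$auth"
    fi

    # When run with sudo for another account, hand the files to that account.
    if [ -n "${3:-}" ]; then
        chown -R "$3" "$dir"
    fi
}

# Demo on a constructed key in a scratch directory; nothing under $HOME is touched.
demo=$(mktemp -d)
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedSampleKeyBlob0000000000000000 my@mail.com' > "$demo/key.pub"
install_pubkey "$demo/key.pub" "$demo/home"
install_pubkey "$demo/key.pub" "$demo/home"
echo "authorized_keys lines: $(wc -l < "$demo/home/.ssh/authorized_keys")"
rm -rf "$demo"
```

For the other-user case above, it would be called under sudo with the account as the third argument, for example install_pubkey key.pub /home/user1 user1:users.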

SSH activities

Adding a private key to the SSH agent:
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/github1
(enter the key's passphrase when prompted)
To list the keys held by the agent and the key files on disk:
$ ssh-add -l
$ ls -l ~/.ssh
To remove a key from the ssh-agent:
$ ssh-add -d /home/user/.ssh/id_rsa
(To remove all)
$ ssh-add -D
Keeping the private keys secure is important. It is suggested that the ssh-agent is terminated or locked when it is not needed anymore.
$ eval "$(ssh-agent -s -k)"
Copy the public key to the clipboard:
macOS: pbcopy < ~/.ssh/id_rsa.pub
Windows: clip < ~/.ssh/id_rsa.pub
Test login (using the key loaded in the agent):
ssh -T git@github.com
ssh -T hg@bitbucket.org
Log in directly without a key agent:
ssh -T -i ~/.ssh/github1 hg@bitbucket.org
ssh -T -i ~/.ssh/github1 git@github.com
Log in with SSH and deploy to a GoDaddy instance:
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/gokkdy
ssh -i ~/.ssh/godkkdy bangkkking@107.1k.k0.1k
After connecting to GoDaddy:
cd /home/bsdfsdfng/#mydomains/dudfhool.com
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/cmdfinc.com
ssh -T -i ~/.ssh/cmarinc.com hg@bitbucket.org
git pull upstream master








