ssh commands
ssh creation
- ssh key should be in /home/.ssh folder
- to generate ssh key-
ssh-keygen
- the command will ask you the name of the file, you can enter it. Let say, you named it "secure-shell" and follow the next instructions:
It will create two files in the same folder one is a public key file with extension .pub file and the other one is a private file. In our case, it will create "secure-shell.pub" and "secure-shell"
It needs your attention,
secure-shell - never share this with anybody
secure-shell.pub -to be share with a remote server that you want to excess
- When you have multiple private keys then you have to add a specific key to your main identity.
eval $(ssh-agent)
ssh-add ~/.ssh/secure-shell
difference ssh-add /.ssh/secure-shell V/S ssh -i /.ssh/secure-shell ?
add will set the identity of your system for a current pointed ssh key for every commit, whether -i will set temp identity pass key(ssh key) in case you have different ssh keys added to the different remote workspaces.
GitHub access
- write the following command to view the ssh-key (we will use secure-shell i.e. our key name). Please access the directory where your ssh key present. > cat .ssh/secure-shell.pub
- The above command lists a key, copy it!!
- Goto git account, setting > SSH and GPG keys > New ssh key and paste here
- that it
- Remember, you need to generate two ssh keys to access two different git accounts. Each git account will require a unique ssh key to be added. It is a good practice.
Remote access
- On your local machine > cat .ssh/secure-shell.pub
- The above command lists a key, copy it!!
- go to the remote machine and write following command > sudo vi .ssh/authorized_key
- Press i button to write
- paste your key here and press ESC button
- Write :wq
NOTE - how to know which ssh is currently added
ssh-add -l
It's pretty simple, right !!
Top comments (14)
An easier method for copying your public key to a remote host is to use the
ssh-copy-id
command.Also, if you have multiple SSH keys on your keyring, you can create scenarios where the git-remote will give you a "
too many authentication failures
" error due to the ssh-agent presenting the wrong key(s) prior to the correct key.Using the SSH config file (~/.ssh/config) can come in handy here.
Specify the remote server you are connecting to using the
Host
statement.Within the host statement you can specify the options that differ from the defaults for that host including but not limited to username and identity.
Then when you connect to the example.com server it will use the options you have specified. On some OSes this also provides auto-completion for the SSH command.
The SSH Config Man page has all the options you can specify linux.die.net/man/5/ssh_config
I do second
ssh-copy-id
. Got to know about it few weeks ago and it's such a helper!You should consider using modern ECDSA SSH keys instead of the old RSA keys. They are more secure and supported on all modern systems.
Details about ECDSA and how to generate them can be found in my article.
If you don't want to read a whole article to figure out how to generate this type of key, simply add
-t ecdsa
to thessh-keygen
command. The why in the article, though, is still a good read.Ackchually, Ed25519 is now the go-to recommended algorithm
You should not use
sudo
when modifying authorised keys. If the file does not already exist, it will set the wrong permissions. Authorised keys is a strictly user file and should only ever be accessed by the user that owns it. Overuse ofsudo
is a dangerous trend that should not be encouraged.Nice work..
I do not use ssh-agent and when using 2 GitHub accounts I use the GIT_SSH_COMMAND variable to specify the key to use. Not sure of this is right or the best way to do it, but it has been useful to me so far
Very useful content π
Thank you for sharing and clearing the concepts of SSH.
Very useful contentππ
Or you can use my automation in python for doing all this listed :)
github.com/dimon222/py-gitsshgen
Very useful... thanks for sharing!!