How to generate ssh keys securely: Difference between revisions

From DISI
Jump to navigation Jump to search
(Created page with " == '''SSH Key Generation''' == * For all the following examples ''you'' is the user’s name that needs the ssh key and anything italicized is an example or comment (just i...")
 
(removed duplicate older page; redirects to new one)
Tag: New redirect
 
(11 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
#REDIRECT [[How to create a vpn/ssh tunnel]]
== '''SSH Key Generation''' ==
 
 
* For all the following examples ''you'' is the user’s name that needs the ssh key and anything italicized is an example or comment (just in case you get confused).
 
'''The following instructions are for Linux/Unix platforms.'''
 
 
On the machine that you will be '''sshing from''' (ie. your laptop/desktop at home):
 
 
ssh-keygen
 
Enter file in which to save the key (/Users/''you''/.ssh/id_rsa): ''hit enter or specify a different directory''
 
Enter passphrase (empty for no passphrase): ''Your very very difficult to hack password''
 
Enter same passphrase again: ''Your very very difficult to hack password again''
 
Your identification has been saved in /Users/''you''/.ssh/id_rsa_secret.
 
Your public key has been saved in /Users/''you''/.ssh/id_rsa_secret.pub.
 
The key's randomart image is:
 
…….some random “picture”…….
 
scp id_rsa_secret.pub ''you''@''remote_host'':~/.ssh/
 
*Note, if there is an obscure ssh port (like 97) then you would use:
 
scp -P 97 id_rsa_secret.pub ''you''@''remote_host'':~/.ssh/
 
 
On the remote machine that you will be '''sshing to''':
 
 
cd /home/''you''/.ssh
 
cat id_rsa_secret.pub >> authorized_keys
 
rm id_rsa_secret.pub
 
chmod 700 /home/''you''/.ssh
 
chmod 600 /home/''you''/.ssh/authorized_keys 
 
 
Then, back on the machine that you will '''be sshing from''':
 
ssh ''remote_host'' -l ''you''
 
OR
 
ssh -p 97 ''remote_host'' -l ''you''
 
You will then be prompted to enter your passphrase for the key, which will be the password you used when you used ssh-keygen
 
Then, exit and ssh in again and you’ll see it worked!  You should not be prompted for a password again. :)

Latest revision as of 17:38, 21 February 2025