Skip to content

Latest commit

 

History

History
114 lines (95 loc) · 2.68 KB

1. SSH.md

File metadata and controls

114 lines (95 loc) · 2.68 KB

Check for existing keys

Linux

$ ls -la ~/.ssh

Windows

C:\> dir ~/.ssh

Lists the files in your ~/.ssh directory. If you have already created a key previously you see two files.

-rw-------   1 toby  staff  1766 11 Jan  2014 id_rsa
-rw-r--r--   1 toby  staff   413 11 Jan  2014 id_rsa.pub

id_rsa is the private key, keep this very private this the key to your kingdom.

id_rsa.pub is your public key, this you give other people and services

Generate a new ssh key

$ ssh-keygen -t rsa -b 4096 -C "[email protected]"
  • The default name is id_rsa
  • Always create a passphrase
$ cat ~/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC..eafddPMr7Rd3UIHIg7DBRetn5k7TRdCMH3CioD6ZyNDytmpC85xQPtL...UR77nrQ== [email protected]
$ ssh 127.0.0.1

Will ssh to 127.0.0.1 using the default key id_rsa using the current username

$ ssh [email protected] -i ~/.ssh/id_rsa

Working with ssh-agent

"Single Sign-On using SSH. The ssh-agent is a helper program that keeps track of user's identity keys and their passphrases. The agent can then use the keys to log into other servers without having the user type in a password or passphrase again."

Starting the ssh-agent on linux

$ eval `ssh-agent`

List keys keys accessible to the agent

$ ssh-add -l

Add default key to the agent

$ ssh-add

Add specific key to the agent

$ ssh-add ~/.ssh/my-other-key

Windows 10 april ssh is install by default. Talk about new windows ssh-agent/git/posh issues

## SSH config

~/.ssh/config helps you use different identities for different services.

$ ssh github.com -i ~/.ssh/github.brighter.key

~/.ssh/config

Host github-brighter
    User toby
    HostName github.com
    IdentityFile ~/.ssh/github.brighter.key
Host github-org
    User tobias
    HostName github.com
    IdentityFile ~/.ssh/github.key
Host 10.10.1.0
    User testuser
    IdentityFile ~/.ssh/testuser.key
Host *
    IdentityFile ~/.ssh/id_rsa

SCP (Secure Copy)

scp file [email protected]:folder/folder

SSH authorized keys

/home/user/.ssh/authorized_keys file is the public keys that can be used to log in to the account.

Create a user that can, ssh using key, with no password and sudo abilities

sudo useradd -m user --groups sudo
sudo mkdir -p /home/user/.ssh
sudo touch /home/user/.ssh/authorized_keys
sudo vim /home/user/.ssh/authorized_keys

cat /home/user/.ssh/authorized_keys
sudo chown -R user:user /home/user/.ssh
sudo chmod 700 /home/user/.ssh
sudo chmod 600 /home/user/.ssh/authorized_keys
sudo touch /etc/sudoers.d/prognet
sudo vim /etc/sudoers.d/prognet
user ALL=(ALL) NOPASSWD:ALL
cat /etc/sudoers.d/prognet