ssh-keygen:
ssh-keygen is an command line tool which is used for generate, manage and convert ssh keys. ssh-keygen can create keys for use by ssh protocal version 1 and 2. it has many option
The type of key to be generated is specified with the -t option. If invoked without any arguments, ssh-keygen will generate an RSA key for use in SSH protocol 2 connections.
Normally each user wishing to use SSH with public key authentication runs this once to create the authentication key in
- ~/.ssh/identity
- ~/.ssh/id_dsa,
- ~/.ssh/id_ecdsa
- ~/.ssh/id_ed25519
- ~/.ssh/id_rsa.
Additionally, the system administrator may use this to generate host keys, as seen in /etc/rc.
Normally this program generates the key and asks for a file in which to store the private key. The public key is stored in a file with the same name but ``.pub'' appended. The program also asks for a passphrase. The passphrase may be empty to indicate no passphrase (host keys must have an empty passphrase), or it may be a string of arbitrary length.
open your terminal and run following command:
ssh-keygen -t rsa -f ~/.ssh/[KEY_FILENAME] -C [USERNAME]
-f - is name that you want to use for your ssh key files.
-c - is user for whom you will apply this ssh file
-t - Specifies the type of key to create. (dsa | ecdsa | ed25519 | rsa | rsa1)
ex:
ssh-keygen -t rsa -f ~/.ssh/my-ssh-keys -C ubuntu
Specifies Above command create following two files.
my-ssh-keys - private key
my-ssh-keys.pub - public key
This command generates a private SSH key file and a matching public SSH key with the following structure:
ssh-rsa [KEY_VALUE] [USERNAME]
And restrict access to your private key
chmod 400 ~/.ssh/[KEY_FILENAME]
And restrict access to your private key.. Once you created public key and private key, add your public key into server's authorized_keys file which you want to access via ssh.
Normally it will be located in ~/.ssh/authorized_keys
connect the server using ssh command line tool. When you connect first time it will ask to add server IP address to your known host list. Give yes for that.
Normally it will be located in ~/.ssh/authorized_keys
cat ~/.ssh/authorized_keys
connect the server using ssh command line tool. When you connect first time it will ask to add server IP address to your known host list. Give yes for that.
ssh -i [private_key_file] [username]@[server-name]
ssh -i my-private-key ubuntu@10.193.10.23
No comments:
Post a Comment