1.4 KiB
1.4 KiB
SSH Key Gen After a fresh install we want to generate an SSH key pair (public and private) we can then use this key to ssh onto hosts without having to share passwords.
On the new host
ssh-keygen -t ecdsa
You could add a -C for comment and then add your emaiul address but... meh
Example
~$ ssh-keygen -t ecdsa
Generating public/private ecdsa key pair.
Enter file in which to save the key (/home/luddie/.ssh/id_ecdsa):
Created directory '/home/luddie/.ssh'.
Enter passphrase for "/home/luddie/.ssh/id_ecdsa" (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/luddie/.ssh/id_ecdsa
Your public key has been saved in /home/luddie/.ssh/id_ecdsa.pub
The key fingerprint is:
SHA256:gA+5oVKPdtlG7JQC5pL3NQ+OokUK7WoosTevWBCd1E0 luddie@debian-base
The key's randomart image is:
+---[ECDSA 256]---+
| +. oE |
| B o.+.. |
|= 1 * X |
|.O = / = |
|B = B * S |
|.X o . |
|*.+ |
|o+ o |
|. ... |
+----[SHA256]-----+
~$
This will generate 2 keys in the .ssh folder
~/.ssh$ ls
id_ecdsa id_ecdsa.pub
~/.ssh$
Use can then cat the .pub file to get the public keyu for that host, which can be added to the authorized_host file of other machines to gain access.
You can also create an authorized_keys on your cost, and add other ssh pub key to allow them to have direct access to this host.