53 lines
1.4 KiB
Markdown
53 lines
1.4 KiB
Markdown
**SSH Key Gen**
|
|
After a fresh install we want to generate an SSH key pair (public and private)
|
|
we can then use this key to ssh onto hosts without having to share passwords.
|
|
|
|
On the new host
|
|
|
|
```
|
|
ssh-keygen -t ecdsa
|
|
```
|
|
|
|
You could add a -C for comment and then add your emaiul address but... meh
|
|
|
|
|
|
Example
|
|
|
|
```
|
|
~$ ssh-keygen -t ecdsa
|
|
Generating public/private ecdsa key pair.
|
|
Enter file in which to save the key (/home/luddie/.ssh/id_ecdsa):
|
|
Created directory '/home/luddie/.ssh'.
|
|
Enter passphrase for "/home/luddie/.ssh/id_ecdsa" (empty for no passphrase):
|
|
Enter same passphrase again:
|
|
Your identification has been saved in /home/luddie/.ssh/id_ecdsa
|
|
Your public key has been saved in /home/luddie/.ssh/id_ecdsa.pub
|
|
The key fingerprint is:
|
|
SHA256:gA+5oVKPdtlG7JQC5pL3NQ+OokUK7WoosTevWBCd1E0 luddie@debian-base
|
|
The key's randomart image is:
|
|
+---[ECDSA 256]---+
|
|
| +. oE |
|
|
| B o.+.. |
|
|
|= 1 * X |
|
|
|.O = / = |
|
|
|B = B * S |
|
|
|.X o . |
|
|
|*.+ |
|
|
|o+ o |
|
|
|. ... |
|
|
+----[SHA256]-----+
|
|
~$
|
|
|
|
```
|
|
|
|
This will generate 2 keys in the .ssh folder
|
|
|
|
```
|
|
~/.ssh$ ls
|
|
id_ecdsa id_ecdsa.pub
|
|
~/.ssh$
|
|
```
|
|
|
|
Use can then cat the .pub file to get the public keyu for that host, which can be added to the authorized_host file of other machines to gain access.
|
|
|
|
You can also create an authorized_keys on your cost, and add other ssh pub key to allow them to have direct access to this host. |