User Tools

Site Tools


it_tips:ssh

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revision Both sides next revision
it_tips:ssh [2017/05/03 14:49]
florido [SSH key pair quick setup]
it_tips:ssh [2017/05/03 15:40]
florido [SSH key pair quick setup]
Line 142: Line 142:
  
 ==== SSH key pair quick setup ==== ==== SSH key pair quick setup ====
 +
 +We will generate a public/​private key pair called //​myid_rsa//​ and //​myid_rsa.pub//​ and copy it to a machine called ''​watto.matfys.lth.se''​ in order to login to it.
  
   - Generate a private/​public keypair **with password** and strong encryption((NIST complexity recommendations,​ http://​nvlpubs.nist.gov/​nistpubs/​SpecialPublications/​NIST.SP.800-57Pt3r1.pdf)):​ Command: <​code:​bash>​ ssh-keygen -b 4096 -f ~/​.ssh/​myid_rsa</​code>​Result:<​code:​bash>​   - Generate a private/​public keypair **with password** and strong encryption((NIST complexity recommendations,​ http://​nvlpubs.nist.gov/​nistpubs/​SpecialPublications/​NIST.SP.800-57Pt3r1.pdf)):​ Command: <​code:​bash>​ ssh-keygen -b 4096 -f ~/​.ssh/​myid_rsa</​code>​Result:<​code:​bash>​
Line 184: Line 186:
   - Try to login to the server **using the identity created**: Command:<​code:​bash>​ssh -i ~/​.ssh/​myid_rsa.pub pflorido@watto.matfys.lth.se</​code>​   - Try to login to the server **using the identity created**: Command:<​code:​bash>​ssh -i ~/​.ssh/​myid_rsa.pub pflorido@watto.matfys.lth.se</​code>​
  
-==== Debugging problems ====+You can now create entries in your ''​~/​.ssh/​config''​ file to use tunnelling as described in [[#Speedup connection using tunneling]],​ and the agent should automatically forward your keys. 
 + 
 +===== Debugging ​SSH problems ​and useful commands ===== 
 + 
 +The best to debug is to enable ssh verbose mode: 
 + 
 +<​code:​bash>​ssh -vv pflorido@watto.matfys.lth.se</​code>​ 
 + 
 +==== See which keys are tried by the agent ==== 
 + 
 +<​code:​bash>​ssh-add -l</​code>​ 
 + 
 +==== Delete a key from the agent keyring ==== 
 + 
 +<​code:​bash>​ssh-add -d ~/​.ssh/​myid_rsa</​code>​ 
 + 
 +==== Check if the agent is running ==== 
 + 
 +<​code:​bash>​ps aux | grep ssh-agent</​code>​ 
 + 
 +==== Remove an offending key from known_hosts ==== 
 + 
 +<​code:​bash>​ssh-keygen -R <​hostname></​code>​ 
 + 
 +==== Remove an offending key from known_hosts ​====
  
 +<​code:​bash>​ssh-keygen -R <​hostname or IP></​code>​
 ====== References ====== ====== References ======
  
   * Arch linux SSH PKI tutorial, https://​wiki.archlinux.org/​index.php/​SSH_Keys ​   * Arch linux SSH PKI tutorial, https://​wiki.archlinux.org/​index.php/​SSH_Keys ​
it_tips/ssh.txt · Last modified: 2023/10/09 14:27 by florido

Accessibility Statement