public-and-private-ssh-keys

Public and Private SSH Keys
##############################

I tend to think of:

In this way, anyone might have access to the outside of a “house”. Anyone could have access to the “lock” on a house. Only you should have access to the private “key”.

How to create a new public and private ssh keypair
==================================================

Create an SSH public/private keypair:

.. code-block:: bash

   ssh-keygen -t rsa -b 4096  # enter a passphrase when asked

Document the passphrase in keypass

How to add the public key to a host
===================================

Append the contents of the .pub key file to ~/.ssh/authorized_keys on the remote host. A user’s authorized_keys file may contain no keys, one key, or many keys, one per line.

.. note::

   The authorized_keys file must be mode 400

   The .ssh directory must be mode 700
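
One way to script the append step together with the modes from the note above, as an added example that is not part of the original page. ``install_pubkey`` and its arguments are hypothetical names, and the key used in the demo is a constructed sample, not a real key.

```shell
# Added example; install_pubkey and its arguments are hypothetical names.
# Usage: install_pubkey <file.pub> [home-dir]   (home-dir defaults to $HOME)
install_pubkey() {
    local pubfile="$1" home_dir="${2:-$HOME}"
    local ssh_dir="$home_dir/.ssh" auth="$home_dir/.ssh/authorized_keys" key

    # A .pub file holds exactly one line: "<type> <base64> [comment]".
    [ -r "$pubfile" ] || { echo "cannot read $pubfile" >&2; return 1; }
    [ "$(grep -c '' "$pubfile")" -eq 1 ] || { echo "expected exactly one line" >&2; return 1; }
    key=$(cat "$pubfile")
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;   # common public key types
        *) echo "not a public key line (private key?)" >&2; return 1 ;;
    esac

    (   # subshell so the umask change does not leak into the caller
        umask 077
        mkdir -p "$ssh_dir" || exit 1
        chmod 700 "$ssh_dir" || exit 1
        # The file is kept at mode 400, so make it owner-writable while editing.
        if [ -e "$auth" ]; then chmod 600 "$auth" || exit 1; fi
        touch "$auth" || exit 1
        # Append only when this exact line is absent (fixed string, whole line).
        if ! grep -qxF -e "$key" "$auth"; then
            # Start on a fresh line if the file does not end with a newline.
            if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then echo >> "$auth"; fi
            printf '%s\n' "$key" >> "$auth" || exit 1
        fi
        chmod 400 "$auth"
    )
}

# Demo in a throwaway directory with a constructed (not real) key line.
demo=$(mktemp -d)
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedSampleKeyNotReal000000000000000 demo@example' > "$demo/demo.pub"
install_pubkey "$demo/demo.pub" "$demo/home" && ls -la "$demo/home/.ssh"
rm -rf "$demo"
```

Running it twice with the same key leaves a single entry, and a multi-line file such as a private key is rejected before anything is written.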

How to add a private key to your workstation
============================================

Keep all your private keys in the same directory with the .key extension. Run the following loop from that directory to add all private .key files to the SSH agent:

.. code-block:: bash

   for f in *.key; do ssh-add "$f"; done

The SSH agent will prompt for each key’s passphrase in turn. This must be done after each reboot.

Could not open a connection to your authentication agent
========================================================

You must have a running ssh-agent, and your shell must be able to reach it. If you get this error message when you run ssh-add, first run the following command to spawn an ssh-agent for this shell:

.. code-block:: bash

   eval "$(ssh-agent)"

Now try to run ssh-add again.

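Another command for debugging prints the agent socket path known to your shell; empty output means the shell has no agent to talk to: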

.. code-block:: bash

   echo "$SSH_AUTH_SOCK"

How to create a putty ppk
=========================

  1. Create a keypair: `How to create a new public and private ssh keypair`_

  2. SCP the keypair from the Unix host to the Windows host

  3. Download and open puttygen.exe

  4. Add the .ppk to putty.exe and test