===========================
Public and Private SSH Keys
===========================

I tend to think of:

-  a server host as a “house”
-  a public key as a “lock” on a door of a “house”
-  a private key as a “key” to the “lock” on a door of a “house”

In this way, anyone might have access to the outside of a “house”.
Anyone could have access to the “lock” on a house. Only you should have
access to the private “key”.

How to create a new public and private ssh keypair
==================================================

Create an SSH public/private keypair:

.. code-block:: bash

   ssh-keygen -t rsa -b 4096  # enter a passphrase when asked

Document the passphrase in KeePass.

How to add the public key to a host
===================================

Append the contents of the .pub key file to ~/.ssh/authorized_keys on
the remote host. The user’s *authorized_keys* file may contain zero or
more keys.

.. note::

   The *authorized_keys* file must be mode 400

   The *.ssh* directory must be mode 700
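
The append step and the two modes above, combined into one script. This is an added example, not part of the original page; ``install_pubkey`` and ``perm_bits`` are hypothetical helper names and the key in ``demo`` is constructed. Because mode 400 leaves *authorized_keys* read-only, the script makes it owner-writable only while it edits.

```shell
#!/usr/bin/env bash
# Added example, not from the original page. install_pubkey and perm_bits
# are hypothetical helper names; the key in demo() is constructed.

# Print the permission string of a path, e.g. "drwx------".
perm_bits() { ls -ld "$1" | cut -c1-10; }

# install_pubkey PUBKEY_FILE HOME_DIR
# Runs in a subshell, so umask and "exit" affect only this function.
install_pubkey() (
    umask 077                          # new files and dirs are owner-only
    pub="$1"; dir="$2/.ssh"; auth="$dir/authorized_keys"

    # The private key stays on the workstation; refuse to install one.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "refusing: $pub looks like a private key" >&2
        exit 1
    fi
    key=$(head -n 1 "$pub")
    [ -n "$key" ] || exit 1

    mkdir -p "$dir" && chmod 700 "$dir" || exit 1
    if [ -f "$auth" ]; then
        chmod u+w "$auth" || exit 1    # mode 400 is read-only; unlock it
        # Avoid gluing the new key onto a last line that lacks a newline.
        [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ] && echo >> "$auth"
    fi
    # Append only if this exact line is not already authorized.
    if ! grep -qxF -- "$key" "$auth" 2>/dev/null; then
        printf '%s\n' "$key" >> "$auth" || exit 1
    fi
    chmod 400 "$auth"
)

# Demo on a throwaway directory: run this script with the argument "demo".
demo() {
    tmp=$(mktemp -d)
    echo 'ssh-ed25519 AAAAconstructedNotARealKey user@example' > "$tmp/id.pub"
    install_pubkey "$tmp/id.pub" "$tmp/home"
    perm_bits "$tmp/home/.ssh"; perm_bits "$tmp/home/.ssh/authorized_keys"
    rm -rf "$tmp"
}
if [ "${1:-}" = demo ]; then demo; fi
```

Running the function a second time with the same key leaves the file unchanged, so it is safe to re-run.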

How to add a private key to your workstation
============================================

Keep all your private keys in the same directory with the .key
extension. Use the following script to add all private .key files to the
SSH agent:

.. code-block:: bash

   for f in *.key; do ssh-add "$f"; done

The SSH agent will prompt for each key’s passphrase in turn. This must
be done after each reboot.

Could not open a connection to your authentication agent
--------------------------------------------------------

You must have a running ssh-agent and your shell must have access to use
it. If you get this error message when you attempt to run ssh-add then
first run the following command to spawn an ssh-agent for this shell:

.. code-block:: bash

   eval "$(ssh-agent)"

Now try to run ssh-add again.

Another command for debugging:

.. code-block:: bash

   echo "$SSH_AUTH_SOCK"

How to create a putty ppk
=========================

#. Create a keypair: see
   `How to create a new public and private ssh keypair`_

#. SCP the keypair from the Unix host to the Windows host

#. Download and open puttygen.exe

   -  Click the *Load* button
   -  Browse to the private key; you might need to choose ‘All Files (\*.\*)’
      from the dropdown
   -  Enter the passphrase, click *OK*
   -  Click the *Save private key* button
   -  Name the new key with the .ppk extension, and hit *Save*

#. Add the .ppk to putty.exe and test
