SSH Keys - How to

Hi all

I have numerous Linux based machines that I log into via SSH - I need to get onboard with SSH Keys rather than using Username and Password.

I understand the concept of it.

Can someone point me to a guide?

I was hoping Tom had done a video but I cant find one!
Thanks

Use ssh-keygen to generate a key pair then export it with ssh-copy-id to the system you want to login to. You can add or omit a password to the key. Here’s a link to get you started.

https://www.cyberciti.biz/faq/how-to-set-up-ssh-keys-on-linux-unix/

2 Likes

Ahhhh ideal!

Thanks I’ve built a test server to play with it.

Thanks.

1 Like

I know I’ve heard tom talk about it but probably didn’t do a video on it specifically. However Tom’s friends crosstalksolutions and Willie Howe have done videos on them.

1 Like

Cool! That was really easy!!

Now, I may use my PC and Laptop to access my *Nix servers, should I create new keys for each or use the same key? if thats at all possible?

@Chris_sctech
From my primary system, I use ssh-copy-id to the various systems I intend to ssh into. I also create unique keys on any of those systems which I will need to ssh back to my primary system.

I see so you do it for both directions. That makes sense!

Thanks

1 Like

@Chris_sctech

Ran into something new that I thought I’d share: I have a laptop running Ubuntu Gnome (18.04 LTS) that I’d previously configured with ssh-keygen / ssh-copy-id to ssh between laptop and primary desktop. Decided to install Pop!_OS on a new partition on the laptop. After configuration, I got a MITM warning from primary when trying to ssh to laptop because EDCSA key is different. The solution was to run ssh-keyscan, copy the response info and add that to end of ~/.ssh/known_hosts and rehash known_hosts file. Commands are:

~$ ssh-keyscan -t ecdsa laptop_ip

~$ vim ~/$HOME/.ssh/known_hosts

~$ ssh-keygen -H

source for solution: https://serverfault.com/questions/321167/add-correct-host-key-in-known-hosts-multiple-ssh-host-keys-per-hostname

1 Like

Quick question:
How do I Import my existing SSH-Keys into a new Linux system? Lets say I switch Distro on my PC instead of issuing SSH-Keygen again and copying the new key to servers - how do I import the that key into a new distro so I can SSH into my systems?

You may need to add your key to your ssh client (I had to do it after changing my distro as well).
Run the following on your SSH client machine.

ssh-add myprivatekey

1 Like

Thank you very much!

Ill give this a try!!

Are there any good SSH-Key Manager (GUI?) for generating and distributing SSH Keys?
Like “a new person wants to connect to all the servers - Auto Create Accounts on Linux, sets rights and distribute ssh keys”.

1 Like