OpenLab spring 2015/02 | Key generating/eating party

  • Date: 27. 2. 2015
  • Workshop by: Martin Ukrop, Vladimír Štill
  • Cake by: Vlasta Žáková

Introduction to SSH keys and SSH authentication.

See manual pages for usage details.

  • ssh (create SSH connection)
  • ssh-keygen (generate SSH keypair, interactive)
  • ssh-copy-id <machine> (copy local identity to server to enable key authentication)
  • ssh-add (add key to agent)
Host aisa
  ForwardAgent yes
  Username xukrop
  VisualHostKey yes

Host nymfe*
  ForwardAgent yes
  IdentityFile ~/.ssh/id_rsa
  ProxyCommand ssh nc %h %p

# defaults should be at the end
# security hardening
Host *
  User xstill
  PreferredAuthentications publickey
  ForwardAgent no
  PasswordAuthentication no
  ChallengeResponseAuthentication no
  PubkeyAuthentication yes

FI known hosts (SSH keys for all machines)

Beware! Forwarding your agent to the server may enable the server administrators to steal your agent and authenticate as yourself.