This is an old revision of the document!
OpenLab spring 2015/02 | Key generating/eating party
- Date: 27. 2. 2015
- Workshop by: Martin Ukrop, Vladimír Štill
- Cake: evidence here
- Cake by: Vlasta Žáková
Introduction to SSH keys and SSH authentication.
Useful commands
See manual pages for usage details.
- ssh (create SSH connection)
- ssh-keygen (generate SSH keypair, interactive)
- ssh-copy-id <machine> (copy local identity to server to enable key authentication)
- ssh-add (add key to agent)
Configuration file
Host aisa
Hostname aisa.fi.muni.cz ForwardAgent yes Username xukrop VisualHostKey yes
Host nymfe*
ForwardAgent yes Hostname %h.fi.muni.cz IdentityFile ~/.ssh/id_rsa ProxyCommand ssh xstill@aisa.fi.muni.cz nc %h %p
# defaults should be at the end # security hardening Host *
User xstill PreferredAuthentications publickey ForwardAgent no PasswordAuthentication no ChallengeResponseAuthentication no PubkeyAuthentication yes
Miscellaneous
FI known hosts (SSH keys for all machines) https://fadmin.fi.muni.cz/noauth/sshkh/ssh-known-hosts.mpl
Beware! Forwarding your agent to the server may enable the server administrators to steal your agent and authenticate as yourself.