- Local creates
public_key
(id_rsa.pub
) &private_key
(id_rsa
).
- Only
private_key
can understandpublic_key
.
- Remote sends messages encrypted based on
public_key
.
- Local has to use
private_key
to understand (decrypt) remote's messages.
- Windows: Using below command, if it asks for a location, indicate
C:\Users\dinha\.ssh\
- Linux:
/home/thi/.ssh/
1ssh-keygen -t rsa -b 4096 -C "[email protected]"
2# without email
3ssh-keygen -t rsa -f ~/.ssh/id_rsa.home
- Create key with different names, e.g.
id_rsa.home
,id_rsa.work
.
- Add to
~/.ssh/config
1Host home
2Hostname home.example.com
3IdentityFile ~/.ssh/id_rsa.home
4User <your home acct>
5#
6Host work
7Hostname work.example.com
8IdentityFile ~/.ssh/id_rsa.work
9User <your work acct>
- Add to ssh-agent (don't need to retype password again)
1eval "$(ssh-agent -s)"
2ssh-add ~/.ssh/id_rsa.home
3ssh-add ~/.ssh/id_rsa.work
- Don't forget to clone you repo with
git
instead ofhttps
.
Suppose that we wanna connect to a remote host
[email protected]
from a local machine.- On local machine, copy public key at
C:/Users/dinha/.ssh
(Windows) and~/.ssh
(Linux) (something likeid_rsa.pub
) (copy its content).
- On remote server (Linux), go to
~/.ssh
, open file authorized_keys byvim authorized_keys
- Be carefull, you can modify the current keys!
- Go to the end of this file (by
W
) - Press
I
to enter to the editing mode, pressEnter
for a new line. - Using mouse to copy/paste the key in the 1st step (on your local machine).
- Note that, each key stays in a separated line.
ESC
and then type:wq
to quick and save.- Try to connect again!
1ssh remote_username@remote_host
2ssh remote_username@remote_host -p remote_port
1# CHECK VERSION
2ssh -V
1# DISCONNECT
2exit
1# COPY FILE: LOCAL -> REMOTE
2scp local_file user@remote-host:/var/tmp/
3
4# multiple files, using wildcat "\*"
1# REMOTE -> LOCAL
2scp user@remote:/usr/local/bin/add.sh .
3
4# multiple files, using wildcat "\*"
1# Password inside the command
2sudo apt-get install sshpass
3# for mac
4brew install hudochenkov/sshpass/sshpass
5sshpass -p your_password ssh user@hostname
1# copy with sudo on remote
2# 1. copy to a place you have permissions
3scp * thi@remote:/home/thi/tmp/
4# 2. move to the place you want
5ssh thi@remote sudo mv /home/thi/tmp/\* /place/we/want
1# FOR EXAMPLE
2ssh -C # use data compression
Below are some popular commands (ref):
1# check the full list
2man ssh
1# exit background running
2sudo apt install net-tools
3netstat -lepunt
4
5# kill a process, e.g. 29231/ssh
6kill <pid> # eg. kill 29231
C
: use data compression.
f
: Requests ssh to go to background just before command execution
L <local-port>:remote.com:80
: local port forwarding (ref).
N
: Do not execute a remote command. This is useful for just forwarding ports
p <port>
: port to connect.
q
: quiet mode.
v
: verbose mode.
X
: running GUI remote app locally.