- Local creates
- Remote sends messages encrypted based on
- Local has to use
private_keyto understand (decrypt) remote's messages.
- Windows: Using below command, if it asks for a location, indicate
1ssh-keygen -t rsa -b 4096 -C "[email protected]" 2# without email 3ssh-keygen -t rsa -f ~/.ssh/id_rsa.home
- Create key with different names, e.g.
- Add to
1Host home 2Hostname home.example.com 3IdentityFile ~/.ssh/id_rsa.home 4User <your home acct> 5# 6Host work 7Hostname work.example.com 8IdentityFile ~/.ssh/id_rsa.work 9User <your work acct>
- Add to ssh-agent (don't need to retype password again)
1eval "$(ssh-agent -s)" 2ssh-add ~/.ssh/id_rsa.home 3ssh-add ~/.ssh/id_rsa.work
- Don't forget to clone you repo with
Suppose that we wanna connect to a remote host
[email protected]from a local machine.
- On local machine, copy public key at
~/.ssh(Linux) (something like
id_rsa.pub) (copy its content).
- On remote server (Linux), go to
~/.ssh, open file authorized_keys by
- Be carefull, you can modify the current keys!
- Go to the end of this file (by
Ito enter to the editing mode, press
Enterfor a new line.
- Using mouse to copy/paste the key in the 1st step (on your local machine).
- Note that, each key stays in a separated line.
ESCand then type
:wqto quick and save.
- Try to connect again!
1ssh remote_username@remote_host 2ssh remote_username@remote_host -p remote_port
1# CHECK VERSION 2ssh -V
1# DISCONNECT 2exit
1# COPY FILE: LOCAL -> REMOTE 2scp local_file user@remote-host:/var/tmp/ 3 4# multiple files, using wildcat "\*"
1# REMOTE -> LOCAL 2scp user@remote:/usr/local/bin/add.sh . 3 4# multiple files, using wildcat "\*"
1# Pass inside the command 2sudo apt-get install sshpass 3sshpass -p your_password ssh user@hostname
1# copy with sudo on remote 2# 1. copy to a place you have permissions 3scp * thi@remote:/home/thi/tmp/ 4# 2. move to the place you want 5ssh thi@remote sudo mv /home/thi/tmp/\* /place/we/want
1# FOR EXAMPLE 2ssh -C # use data compression
Below are some popular commands (ref):
1# check the full list 2man ssh
1# exit background running 2sudo apt install net-tools 3netstat -lepunt 4 5# kill a process, e.g. 29231/ssh 6kill <pid> # eg. kill 29231
C: use data compression.
f: Requests ssh to go to background just before command execution
L <local-port>:remote.com:80: local port forwarding (ref).
N: Do not execute a remote command. This is useful for just forwarding ports
p <port>: port to connect.
q: quiet mode.
v: verbose mode.
X: running GUI remote app locally.
1# REMOTE HOST IDENTIFICATION HAS CHANGED 2# Offending ECDSA key in /home/thi/.ssh/known_hosts:21 3 4# SOLUTION: 5# Open /home/thi/.ssh/known_host and delete line 21