How it works?

  1. Local creates public_key (id_rsa.pub) & private_key (id_rsa).
  2. Only private_key can understand public_key.
  3. Remote sends messages encrypted based on public_key.
  4. Local has to use private_key to understand (decrypt) remote’s messages.

Generate a public key

  • Windows: Using below command, if it asks for a location, indicate C:\Users\dinha\.ssh\
  • Linux: /home/thi/.ssh/
     ssh-keygen -t rsa -b 4096 -C "[email protected]"
    
     # without email
     ssh-keygen -t rsa -f ~/.ssh/id_rsa.home
    

Multiple ssh keys

  1. Create key with different names, e.g. id_rsa.home, id_rsa.work.
  2. Add to ~/.ssh/config,
    Host home
    Hostname home.example.com
    IdentityFile ~/.ssh/id_rsa.home
    User <your home acct>
    
    Host work
    Hostname work.example.com
    IdentityFile ~/.ssh/id_rsa.work
    User <your work acct>
    
  3. Add to ssh-agent (don’t need to retype password again)
    eval "$(ssh-agent -s)"
    ssh-add ~/.ssh/id_rsa.home
    ssh-add ~/.ssh/id_rsa.work
    
  4. Don’t forget to clone you repo with git instead of https.

Add public key to remote

Suppose that we wanna connect to a remote host [email protected] from a local machine.

  1. On local machine, copy public key at C:/Users/dinha/.ssh (Windows) and ~/.ssh (Linux) (something like id_rsa.pub) (copy its content).
  2. On remote server (Linux), go to ~/.ssh, open file authorized_keys by vim authorized_keys
    1. Be carefull, you can modify the current keys!
    2. Go to the end of this file (by W)
    3. Press I to enter to the editing mode, press Enter for a new line.
    4. Using mouse to copy/paste the key in the 1st step (on your local machine).
    5. Note that, each key stays in a separated line.
    6. ESC and then type :wq to quick and save.
    7. Try to connect again!

Connecting

ssh [email protected]_host
ssh [email protected]_host -p remote_port
# CHECK VERSION
ssh -V
# DISCONNECT
exit
# COPY FILE: LOCAL -> REMOTE
scp local_file [email protected]:/var/tmp/
# REMOTE -> LOCAL
scp [email protected]:/usr/local/bin/add.sh .

Command line parameters

# FOR EXAMPLE
ssh -C # use data compression

Usage: Access jupyter notebooks from remote server on local machine.

Below are some popular commands[ref] :

  • -C: use data compression.
  • -p <port>: port to connect.
  • -q: quiet mode.
  • -v: verbose mode.
  • -X: running GUI remote app locally.
  • -L: local port forwarding[ref] .