Landspítali - Docs

Lightweight guides for everyday computing

Íslenska

How to: SSH keys

Since an SSH client is now available in Windows this guide should work for whatever OS you are running on. However, keys created this way don’t seem to work with PuTTY right away if that’s the SSH client you use. You can look at that guide here

  1. The simple way
  2. The less simple way (It’s still pretty simple)

The simple way

Creating the SSH key

$ ssh-keygen
...
# Leave all the prompts on defaults
...

Aaand you’re done… This creates a key pair: the public key and the private key

It’s highly recommended to protect the key with a password. It’s one of the prompts when creating the key so it’s easy enough.

If someone requires your key, pubkey, public key or whatever, for authentication, you should ONLY provide them with the public key, the file that ends with .pub, or rather the contents of that file.

Using the SSH key

Presumably you will have added the key to the server. If that’s something you have to do and don’t know how to, then look at this guide

By default the keys are stored in the users $HOME directory $HOME/.ssh/id_rsa and $HOME/.ssh/id_rsa.pub

Connecting to a server is simple enough:

$ ssh <username>@<someserver>
# f.x. ssh lucifer@203.0.113.5
# username does not have to be specified if you have the same user on the
# host you are using to connect to the server

And you’re in… 🕶️💻

The less simple way (It’s still pretty simple)

Sometimes you want to have multiple keys. You have multiple environments or you don’t always have to put in a password when pushing to Github.

You follow the same process but simply specify another path when prompted. Watch out not to overwrite and old key if you’re still using it somewhere, the process will warn you.

# You can save the key in some other directory than $HOME/.ssh/ but the SSH client usually
# looks at the keys in $HOME/ssh/ and tries them until it finds one that works.

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/someuser/.ssh/id_rsa): /home/someuser/.ssh/bananakey
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/someuser/.ssh/bananakey
Your public key has been saved in /home/someuser/.ssh/bananakey.pub

And if it’s under the default folder you can just go $ ssh someserver.example

However if it’s not in the default directory, and even sometimes it tries multiple keys and you get “too many authentication failures” you can manually specify the key to use

$ ssh someserver.example -i /PATH/TO/SECRET/KEY/FOLDER/key
# This tells SSH to explicitly to use that key.

And you’re in… 🕶️💻