SSH

Autologin and key based authentication

Prefer in order algorithms (highest first):

• ed25519
• ecdsa
• rsa
• dsa

Prefer lengths in bits, even when some algorithms suggest shorter:

• 4096

On server side:

mkdir ~/.ssh
chmod 700 ~/.ssh

On client side on password request enter password or just press Enter to make auto login:

cd ~/.ssh
ssh-keygen -t ed25519 -b 4096 -C "e@mail.domain"
# Or without questions
#ssh-keygen -t ed25519 -b 4096 -C "e@mail.domain" -N "" -f ~/.ssh/id_ed25519

Change private key access:

cd ~/.ssh
chmod 600 id_ed25519

Append public key to authorized_keys:

cd ~/.ssh
cat id_ed25519.pub >> authorized_keys
chmod 600 authorized_keys

Copy authorized_keys to server side:

cd ~/.ssh
scp authorized_keys ${REMOTE_USER}@${REMOTE_MACHINE}:~/.ssh

Or on client side:

mkdir ~/bin
nano ~/bin/key.gen.sh

Content:

#!/bin/sh

SSH_DIR=~/.ssh
ARCHIVE_DIR=${SSH_DIR}/archive
TYPE=dsa
TYPE=rsa
TYPE=ed25519
EMAIL=imre.tabur@mail.ee
BITS=4096
SYSTEM=github

REMOTE_USER=
REMOTE_MACHINE=

COPY_TO_REMOTE=yes
COPY_TO_REMOTE=no

genKey() {
    mkdir -p ${ARCHIVE_DIR}
    chmod 700 ${SSH_DIR}
    ssh-keygen -t ${TYPE} -b ${BITS} -C "${EMAIL}" -f ${ARCHIVE_DIR}/id_${TYPE}.${SYSTEM}
    chmod 600 ${ARCHIVE_DIR}/id_${TYPE}.${SYSTEM}
    cp ${ARCHIVE_DIR}/id_${TYPE}.${SYSTEM} ${SSH_DIR}/id_${TYPE}
    cp ${ARCHIVE_DIR}/id_${TYPE}.${SYSTEM}.pub ${SSH_DIR}/id_${TYPE}.pub
}

makeAuth() {
    cat ${ARCHIVE_DIR}/id_${TYPE}.${SYSTEM}.pub >> ${SSH_DIR}/authorized_keys
    chmod 600 ${SSH_DIR}/authorized_keys
}

echoKey() {
    echo "Copy that key to another system:"
    cat ${ARCHIVE_DIR}/id_${TYPE}.${SYSTEM}.pub
}

copyKey() {
    if [ "${COPY_TO_REMOTE}" == "yes" ]
    then
        scp ${SSH_DIR}/authorized_keys ${REMOTE_USER}@${REMOTE_MACHINE}:~/.ssh
    fi
}

genKey
makeAuth
echoKey
copyKey

exit 0

Change key file password

ssh-keygen -p -f ~/.ssh/id_rsa
ssh-keygen -p -f ~/.ssh/id_ed25519