Skip to content

Instantly share code, notes, and snippets.

@zmts

zmts/ssh_cert.md

Last active October 25, 2021 17:16
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save zmts/7be905c904978d66d844409110f40dab to your computer and use it in GitHub Desktop.
Save zmts/7be905c904978d66d844409110f40dab to your computer and use it in GitHub Desktop.
Download ZIP
ssh cert to remote server access
Raw
ssh_cert.md

SSH cert to remote server access

Generate ssh certificate with unique filename. Stroring keys in separate files will help make backup without not related keys.

➜ cd /Users/alex/.ssh
➜ ssh-keygen -t rsa -b 4096 -f myproject_test -C "myproject comment"

Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:

Your identification has been saved in myproject_test.
Your public key has been saved in myproject_test.pub.
The key fingerprint is:
SHA256:Bhweh0ETJu7RB/7yKNyAoXiVEHErIL2Je5d8Gvpvii4 alex@macbook2015.local
The key's randomart image is:
+---[RSA 4096]----+
|o.+oo.X+.        |
|...+ X.*         |
| .oo* * .        |
|o.o* . +         |
|o.o.o.. S        |
|....=o.=         |
| . oo+o .        |
|E .....          |
| oo.o+.          |
+----[SHA256]-----+

Now copy public key to remote(target) server (111.111.111.111)

➜ ssh-copy-id -i /Users/alex/.ssh/myproject_test.pub root@111.111.111.111

Or if you have custom ssh port

➜ ssh-copy-id -i /Users/alex/.ssh/myproject_test.pub root@111.111.111.111 -p 7777

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "myproject_test.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

root@111.111.111.111's password:

Number of key(s) added:        1

Now try logging into the machine, with:   "ssh -root@111.111.111.111"
and check to make sure that only the key(s) you wanted were added.

Try to login

ssh -i /Users/alex/.ssh/myproject_test root@111.111.111.111

Or with custom ssh port

ssh -i /Users/alex/.ssh/myproject_test -p 7777 root@111.111.111.111

Enter passphrase for key 'myproject_test':

Use one public key to multiple servers

In case when we have multiple servers in one project. We can just copy public key to this servers and use it to have access everywere.

➜ ssh-copy-id -i /Users/alex/.ssh/myproject_test.pub root@111.111.111.111
➜ ssh-copy-id -i /Users/alex/.ssh/myproject_test.pub root@111.111.111.112
➜ ssh-copy-id -i /Users/alex/.ssh/myproject_test.pub root@111.111.111.113

Other

If you set passphrase to certificate probably will want to check it

ssh-keygen -y -f myproject_test

p.s. https://blog.programs74.ru/how-to-copy-ssh-key-using-utility-ssh-copy-id/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment