From b38390029fea95ac075884fa14fff784cc85a492 Mon Sep 17 00:00:00 2001 From: ducoterra Date: Wed, 22 Oct 2025 16:57:53 -0400 Subject: [PATCH] update README ssh notes --- README.md | 46 ++++++++++++++++++++++++++++------------------ 1 file changed, 28 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index df83d26..5470593 100644 --- a/README.md +++ b/README.md @@ -64,32 +64,42 @@ find . -type d -exec chmod 755 {} \; ## SSH Setup +Generate a key (password protect it!) + ```bash -export REMOTE_USER=${USER} -export REMOTE_HOST=something.com -export REMOTE_PORT=22 - -# The following is generated by the above variables. No tweaks necessary. -export KEY_NAME=~/.ssh/id_${REMOTE_USER}_${REMOTE_HOST} -export KEY_COMMENT="${USER}@${HOSTNAME}:${REMOTE_USER}@${REMOTE_HOST}" - # Pick one of the below key types # ed25519 -ssh-keygen -C ${KEY_COMMENT} -f ${KEY_NAME} -t ed25519 +ssh-keygen -C ssh@ducoterra.net -t ed25519 # rsa 4096 -ssh-keygen -C ${KEY_COMMENT} -f ${KEY_NAME} -t rsa -b 4096 +ssh-keygen -C ssh@ducoterra.net -t rsa -b 4096 -cat <> ~/.ssh/config +# Inspect a key +ssh-keygen -l -f ~/.ssh/id_rsa -Host ${REMOTE_HOST} - Hostname ${REMOTE_HOST} - IdentityFile ${KEY_NAME} - User ${REMOTE_USER} - Port ${REMOTE_PORT} -EOF +# Change the password +ssh-keygen -p -f ~/.ssh/id_rsa +``` +In your ~/.ssh/config, add the following line to set the default key + +```conf +IdentityFile ~/.foo/identity +``` + +Then add a host to your local computer + +```bash +Host + Hostname + User + Port +``` + +And copy the key to a remote computer + +```bash # Copy the generated key to the server using password auth. Assumes password auth enabled. -ssh-copy-id -o PubkeyAuthentication=no -i ${KEY_NAME} ${REMOTE_USER}@${REMOTE_HOST} +ssh-copy-id -f -i ~/.ssh/id_ed25519 ${REMOTE_USER}@${REMOTE_HOST} # Log into the server with your key ssh -i ${KEY_NAME} ${REMOTE_HOST}