ssh host v client regarding keys
Dan Purgert
dan at djph.net
Mon Feb 16 14:07:39 UTC 2015
On Mon, 16 Feb 2015 17:28:10 +1100, Karl Auer wrote:
> [...]
> - DO NOT copy your private key to anywhere
I would counter and say that one should copy it to offline storage (e.g.
burned CD) and then store it in one of those personal fireproof lockboxes
from Office Max et. al. (or somewhere off site, e.g. a bank deposit box).
Might need that backup in case your computer is ruined (e.g. a natural
disaster).
> cd ssh-keygen -t rsa -b 4096 [if cuser doesn't have keys]
> ssh huser at host ssh-keygen [if huser doesn't have .ssh]
> scp .ssh/id_rsa.pub huser at host:.ssh/cuser.pub ssh huser at host "cat
> .ssh/cuser.pub >> .ssh/authorized_keys ;
> rm .ssh/cuser.pub"
>
> Another alternative, if you have a terminal window open on both host and
> client, is to display cuser's public key in the client window, edit
> ~huser/.ssh/authorized_keys in the host window, and just copy and paste
> the key into authorized_keys.
And yet another (which personally I would only use on trusted internal
nets) is the ssh-copy-id command.
More information about the ubuntu-users
mailing list