ssh public key

-v Verbose mode. Causes ssh to print debugging messages about its progress.
This is helpful in debugging connection, authentication, and configuration
problems. Multiple -v options increase the verbosity. The maximum is 3.

-T Disable pseudo-tty allocation.
As explained in "gitolite: PTY allocation request failed on channel 0", it is important to do ssh test connection with -T, because some server could abort the transaction entirely if a text-terminal (tty) is requested.


-i identity_file
Selects a file from which the identity (private key) for public key authenti‐
cation is read. The default is ~/.ssh/identity for protocol version 1, and
~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 and ~/.ssh/id_rsa for proto‐
col version 2. Identity files may also be specified on a per-host basis in
the configuration file. It is possible to have multiple -i options (and mul‐
tiple identities specified in configuration files). ssh will also try to load
certificate information from the filename obtained by appending -cert.pub to
identity filenames.



If your local system has the ssh-copy-id tool installed, you can directly add your public key to the server's authorized_keys file with a single command:

$ ssh-copy-id john@serverdomain

Additionally, you can use the verbose flag (-v or -vvv) with the ssh command to get details of every step taken by the SSH client.


sshuser1@ubuntu2:~/.ssh$ ssh-copy-id -i ubuntu@192.168.40.128
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
ubuntu@192.168.40.128's password: 

Number of key(s) added: 1


Now try logging into the machine, with:   "ssh 'ubuntu@192.168.40.128'"

and check to make sure that only the key(s) you wanted were added.

sshuser1@ubuntu2:~/.ssh$ ssh ubuntu@192.168.40.128

Welcome to Ubuntu 14.04.5 LTS (GNU/Linux 3.16.0-77-generic i686)

 * Documentation:  https://help.ubuntu.com/


43 packages can be updated.

26 updates are security updates.

New release '16.04.1 LTS' available.

Run 'do-release-upgrade' to upgrade to it.


WARNING: Security updates for your current Hardware Enablement Stack

ended on 2016-08-04:
 * http://wiki.ubuntu.com/1404_HWE_EOL

There is a graphics stack installed on this system. An upgrade to a

configuration supported for the full lifetime of the LTS will become
available on 2016-07-21 and can be installed by running 'update-manager'
in the Dash.
    
You have new mail.
Last login: Tue May 19 12:46:08 2015 from 192.168.174.129
=====================================


testus@ubuntu2:~$ mkdir .ssh
testus@ubuntu2:~$ touch .ssh/authorized_keys
testus@ubuntu2:~$ pwd
/home/testus
testus@ubuntu2:~$ chmod 700 .ssh/
testus@ubuntu2:~$ chmod 600 .ssh/authorized_keys 

testus@ubuntu2:~$ pwd
/home/testus
testus@ubuntu2:~$ ssh-key
ssh-keygen   ssh-keyscan  
testus@ubuntu2:~$ ssh-keygen 


testus@ubuntu2:~/.ssh$ cat id_rsa.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBwNEA2qSBDmOBH2J3RsaPqBqbKQ1UxzFsJaNCciupHrJHBZxAFhWQhTy+AYuPgAIMMTQVP/bBheWjAp6ql8YTtGdxBAQhlbuH330NTYVamAgYV5V57uOh2vgPTTRCFt28VWmwx2MMdDpENsyKlNpbA8ZzVsjS3aggmZ1/G83NiEvQ5rSqQcVgKXlFawVqXM0TNQfDK8IyDP6esK8iEEZdZOKUTcCjUkpxEP6HECEqpNkDclI9DkjYqV4Mi57QhFBZnGivYuqIyPpvU/GB3bhftK49pqkDtj6Pk8fc35Si1PbMYU3mdsOJWEve6WlcgU+f4R5Sg8JGBLjRLiijQHVb testus@ubuntu2


testus@ubuntu:~/.ssh$ cat authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBwNEA2qSBDmOBH2J3RsaPqBqbKQ1UxzFsJaNCciupHrJHBZxAFhWQhTy+AYuPgAIMMTQVP/bBheWjAp6ql8YTtGdxBAQhlbuH330NTYVamAgYV5V57uOh2vgPTTRCFt28VWmwx2MMdDpENsyKlNpbA8ZzVsjS3aggmZ1/G83NiEvQ5rSqQcVgKXlFawVqXM0TNQfDK8IyDP6esK8iEEZdZOKUTcCjUkpxEP6HECEqpNkDclI9DkjYqV4Mi57QhFBZnGivYuqIyPpvU/GB3bhftK49pqkDtj6Pk8fc35Si1PbMYU3mdsOJWEve6WlcgU+f4R5Sg8JGBLjRLiijQHVb testus@ubuntu2

testus@ubuntu2:~/.ssh$ ssh testus@192.168.40.128
Welcome to Ubuntu 14.04.5 LTS (GNU/Linux 3.16.0-77-generic i686)
testus@ubuntu:~$ exit

Comments

Popular posts from this blog

HAproxy logging

teamcity Automatic Agent Start under Linux

NFS mount add in fstab _netdev instead of default | firewall-cmd --list-all