SSH - know how

This is only an extract from official website www.ssh.com. This should help to understand how pair key authentication works


  • prvate - secret kept on client/end user side. Often secured with some passphrase and kept away in directory accessible only for root. It is used for generate public key and decode information encoded with public key.
  • public - available for everyone. To make it possible to login it need to be authorized and also kept on server side.

Generate a pair of keys:

To generate pairs of keys use ssh-keygen app. To get private and public keys for RSA algorythm, 4096 bytes long, to file with name my_keys we use command:

> ssh-keygen -t rsa -b 4096 -f my_keys 

Generating public key from private one:

Yes, it is possible. Owning private key we can generate pubick key. For this purpose we will use again ssh-keygen:

> ssh-keygen -y -f path/to/private/key/my_key > path/to/private/key/my_key.pub

It is not a mistake in paths. Both files should be kept in one place.

Coping key to server:

Generated key must be somehow transfered to server. We can do this using ssh-copy-id app. Uploaded key will be checked and added to authorized keys automatically. To make it use this command:

> ssh-copy-id -i path/to/public/key -p 2222 user_name@server_name

List of available keys:

It can be easily checked what keys are available. By default they are stored in home directory:

  • linux: ~/.ssh
  • windows - c:/users/user_name/.ssh

But we can use also ssh-add app:

> ssh-add -L

Loging in using ssh:

> ssh -p 2222 user_name@server_name

Wszelkie prawa zastrzeżone. Projekt i wykonanie strony SrcPro.pl