Quick reference for creating SSH keys
Creating the Key
Run the following command in a terminal:
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
Follow the steps and type a secure passphrase.
Using the SSH agent
Typing the passphrase every single time we use the key can be a bit exhausting. Fortunately, we can use an SSH agent to solve this problem. Run the following command in a terminal to spawn the agent:
eval "$(ssh-agent -s)"
Now add your key to the agent:
ssh-add ~/.ssh/id_rsa
Note: the -l flag can be used to list the fingerprints of all identities currently represented by the agent.
ssh-add -l
Using Keychain to spawn the agent automatically
So far we have been able to connect to our SSH server automatically during the current session, but the agent will be removed when we log out. If we are looking for persistence, we can use keychain and enter the passphrase only when we start or reboot the server.
Install keychain:
sudo apt-get install keychain
Open .bash_profile with your text editor:
vim ~/.bash_profile
and type the following line:
eval `keychain --eval --agents ssh id_rsa`
This will add id_rsa to keychain. The next time you log in you will see a screen similar to this, asking for the passphrase:
 * keychain 2.8.1 ~ http://www.funtoo.org
 * Found existing ssh-agent: 11234
 * Known ssh key: /home/ubuntu/.ssh/id_rsa
Enter passphrase for /home/your_user/.ssh/id_rsa:
Enter the passphrase and we are done.
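To check the result of the steps above, the following shell functions (an added example, not part of the original page) verify that the private key is not accessible to group or others, that it is passphrase-protected, and that it is loaded in the agent. The function names are hypothetical, and the key is assumed to be ~/.ssh/id_rsa with its public half at ~/.ssh/id_rsa.pub.

```shell
#!/bin/sh
# Added example: verify the key set up above. Function names are hypothetical.

# Succeeds when the file has no group/other permission bits (e.g. mode 600).
key_mode_ok() {
    mode=$(ls -ldL "$1" 2>/dev/null | cut -c5-10)
    [ "$mode" = "------" ]
}

# Succeeds when the key cannot be loaded with an empty passphrase.
# Caveat: a corrupt or over-permissive key file also fails to load and is
# reported as protected, so check key_mode_ok first.
key_has_passphrase() {
    [ -f "$1" ] || return 2
    ! ssh-keygen -y -P "" -f "$1" >/dev/null 2>&1
}

# Succeeds when the fingerprint of KEY.pub appears in the output of ssh-add -l.
key_in_agent() {
    fp=$(ssh-keygen -lf "$1.pub" 2>/dev/null | awk '{print $2}')
    [ -n "$fp" ] || return 2
    ssh-add -l 2>/dev/null | awk -v fp="$fp" '$2 == fp {found = 1} END {exit !found}'
}

# Runs all three checks; returns the number of failed checks.
audit_key() {
    key=${1:-$HOME/.ssh/id_rsa}   # assumed default path, as used on this page
    failed=0
    if key_mode_ok "$key"; then echo "ok:   private key mode is restrictive"
    else echo "FAIL: run chmod 600 $key"; failed=$((failed + 1)); fi
    if key_has_passphrase "$key"; then echo "ok:   key is passphrase-protected"
    else echo "FAIL: add a passphrase with ssh-keygen -p -f $key"; failed=$((failed + 1)); fi
    if key_in_agent "$key"; then echo "ok:   key is loaded in the agent"
    else echo "note: key not in agent, run ssh-add $key"; fi
    return "$failed"
}

# Run the audit only when a key path is given on the command line.
if [ "$#" -gt 0 ]; then audit_key "$1"; fi
```

A key that is missing from the agent is reported as a note and is not counted as a failure, since the agent is a convenience and not a protection of the key file itself.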