SSH Toolcase

Here is a small lists of frequent operations you may want to do regarding your SSH keys

Create a SSH key pair

On default directory

The following command will create the keys on default directory (~/.ssh). Warning that this command may overwrite previous keys.

The following command will create the following files:

  • id_rsa (private key)
  • id_rsa.pub (public key)
ssh-keygen -t rsa -C “[email protected]

On user defined directory

The following command will create the following files:

  • example_rsa (private key)
  • example_rsa.pub (public key)
ssh-keygen -t rsa -b 4096 -C "[email protected]" -f ./example_rsa

Configure filesystem permissions

If you store the keys to default directories you don’t have to set the permissions manually. However, if you decide to store them elsewhere you need to make sure that they are only readable by you:

  • Directories should have permissions: 0700
  • Files should have permissions: 0600

Copy a key to clipboard

You can copy a key to the clipboard by using the following command:

xclip -sel clip < ~/.ssh/id_rsa.pub

Configure SSH client and connect

Connect via terminal

Connect using default configuration
ssh [email protected]
Connect via user-defined key file

You should provide the private key to -i flag:

ssh -i ./bla/blu/example.rsa [email protected]
Connect via user-defined key and conf file

You can run custom code placed on a file of your choice too:

ssh -i ./bla/blu/example.rsa -F ssh.conf [email protected]

Content of ssh.conf:

Host *
    RequestTTY yes
    RemoteCommand cd /var/www; exec $SHELL
Use Different keys for same domains

Create a config file (~/.ssh/config):

### default ##
Host *
     User Bob

### configuration for project1 ##
Host gitlab.com-project1
  IdentityFile ~/.ssh/id_rsa.project1

### configuration for project2 ##
Host gitlab.com-project2
  Hostname gitlab.com
  IdentityFile /.sshp/id_rsa.project2

To clone project1:

git clone [email protected]:blalbalbal/project1.git

To clone project2:

git clone [email protected]:blalbalbal/project2.git
Use Different keys for different domains

Create a config file (~/.ssh/config):

### default ##
Host *
     User Bob

### configuration for bla.example.com ##
Host bla.example.com
  Hostname bla.example.com
  User bla_admin
  IdentityFile ~/backups/bla/id_dsa

### configuration for blu.example.com ##
Host blu.example.com
  Hostname blu.example.com
  User blu_admin
  Port 1234
  IdentityFile /backup/blu/id_rsa

Mount locally (SSHFS)

You can mount SSH directories locally via ssh fs:

Install
sudo apt-get install sshfs
Mount remote directory

Create a directory:

mkdir /home/user/localdir

Mount:

sshfs [email protected]:/remote/dir /home/user/localdir

Unmount:

fusermount -u /home/user/localdir

Configure SSH Server access

To have access to a server you need to copy the public key to the authorized keys file on the server. If you have already access an easy way to do this is the following command:

cat ~/.ssh/id_rsa.pub | ssh username@blablahost 'cat >> .ssh/authorized_keys && echo "Key copied"'

Leave a Reply