SSH Misc

link to this article

$ scp ~/.ssh/id_rsa.pub remote:.ssh/authorized_keys
-> equivalent ssh-copy-id

Verify authenticity host

$ ssh-keygen -lf /etc/ssh/ssh_host_rsa_key
$ ssh-keygen -lF newremoteip

ssh-agent

$ ssh-agent
$ eval "$(ssh-agent)"

add a key to the agent

$ ssh-add ~/.ssh/id_rsa
or all keys
$ ssh-add

To see the key(s)

$ ssh-add -l

add for 2 hours

$ ssh-add -t 7200 ~/.ssh/id_rsa

Remove a key of the agent

$ ssh-add -d 
or all keys
$ ssh-add -D

and kill the agent

$ eval "$(ssh-agent -k)"

correct permissions

chmod 700 ~/.ssh
chmod 644 ~/.ssh/authorized_keys
chmod 644 ~/.ssh/known_hosts
chmod 644 ~/.ssh/config
chmod 600 ~/.ssh/id_rsa
chmod 644 ~/.ssh/id_rsa.pub
chmod 600 ~/.ssh/github_rsa
chmod 644 ~/.ssh/github_rsa.pub
chmod 600 ~/.ssh/mozilla_rsa
chmod 644 ~/.ssh/mozilla_rsa.pub

generate key

ssh-keygen -t ed25519 -o -a 100 -N '' -C "user@domain.tld" -f ~/.ssh/id_ed25519
ssh-keygen -t rsa -b 4096 -N '' -C "user@domain.tld" -f ~/.ssh/github_rsa
ssh-keygen -t rsa -b 4096 -N '' -C "user@domain.tld" -f ~/.ssh/mozilla_rsa

Allow new hosts authenticity

in .ssh/config :

Host 192.168.0.*
   StrictHostKeyChecking no
   UserKnownHostsFile=/dev/null