ssh
Tips and tricks for working with ssh
Create an SSH Key
ED25519 is generally recommended as a better option than RSA 4096
Add an SSH Key to the authorized_keys file
If you have code execution on a system and SSH is enabled, you can add your public SSH key to the authorized_keys file on that system and then SSH into it using the matching private key
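Because any key appended this way grants login, the same file is worth auditing from the defender's side. The following is an added example, not part of the original page: it fingerprints each authorized_keys entry in the format printed by ssh-keygen -lf and reports entries missing from an allowlist. The function names, the allowlist and the sample keys are assumptions constructed for illustration.

```python
import base64, hashlib, re, struct

# Key type, base64 blob, optional comment; search() skips leading options.
KEY_RE = re.compile(r"(ssh-ed25519|ssh-rsa|ecdsa-sha2-\S+|sk-\S+)\s+([A-Za-z0-9+/=]+)(?:\s+(.*))?$")

def parse_entry(line):
    """Return (key type, SHA256 fingerprint, comment); None for blank/comment lines."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    m = KEY_RE.search(line)
    if not m:
        raise ValueError("no public key found")
    key_type, b64, comment = m.group(1), m.group(2), m.group(3) or ""
    blob = base64.b64decode(b64, validate=True)
    # The blob starts with a length-prefixed copy of the key type; they must agree.
    (length,) = struct.unpack_from(">I", blob, 0)
    if blob[4:4 + length] != key_type.encode():
        raise ValueError("declared type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    # Same format as `ssh-keygen -lf`: unpadded base64 of SHA-256 over the blob.
    return key_type, "SHA256:" + base64.b64encode(digest).decode().rstrip("="), comment

def audit(text, approved):
    """Return (line no, type, fingerprint, comment) for each entry not in `approved`."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        try:
            entry = parse_entry(line)
        except (ValueError, struct.error) as exc:
            findings.append((n, "unparseable", str(exc), ""))
            continue
        if entry and entry[1] not in approved:
            findings.append((n, *entry))
    return findings

def sample_line(seed, comment):
    """Constructed sample: ed25519-shaped blob of filler bytes, not a real key."""
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes([seed]) * 32
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " " + comment

SAMPLE = "\n".join(["# constructed authorized_keys", sample_line(1, "alice@laptop"),
                    'command="/bin/true" ' + sample_line(2, "unknown@host")])
APPROVED = {parse_entry(sample_line(1, "alice@laptop"))[1]}  # hypothetical allowlist

if __name__ == "__main__":
    for finding in audit(SAMPLE, APPROVED):
        print(finding)
```

Comparing fingerprints rather than comments matters because the comment field is free text chosen by whoever wrote the line.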
Generate a Public Key from a Private Key
With access to a Private Key, we can generate the corresponding Public Key
This is useful if we've lost the public key, or to get information on the user and system it was generated on (the key comment defaults to user@hostname)
Specify a Specific SSH Key to Use
If you have multiple SSH keys loaded into your SSH agent and try connecting to a server, sometimes the server will reject the connection because too many keys are being used to authenticate
The way around this is to use the parameter -o "IdentitiesOnly=yes" together with -i and the path to the key, which makes ssh offer only the key specified explicitly, i.e., any other SSH keys loaded in the agent will be ignored
Certificate-based Authentication for SSH
Certificates provide more security than passphrases but require a Certificate Authority (CA) to set up
Additionally, Certificates have metadata that can be used for user identification, expiring access, role-based access control, and more
There's a great blog post from Teleport on this