38,760
edits
Using SSH keys in Linux/en: Difference between revisions
Updating to match new version of source page
(Updating to match new version of source page) |
(Updating to match new version of source page) |
||
| Line 6: | Line 6: | ||
Before creating a new key pair, check to see if you already have one. If you do, but can't remember where you've used it, it's better to create a fresh one, since you shouldn't install a key of unknown security. | Before creating a new key pair, check to see if you already have one. If you do, but can't remember where you've used it, it's better to create a fresh one, since you shouldn't install a key of unknown security. | ||
Key pairs are typically located in the <code>.ssh/</code> directory in your home directory. By default, a key is named with an "id_" prefix, followed by the key type ("rsa", "dsa", "ed25519"), and the public key also has a ".pub" suffix. So a common example is <code>id_rsa</code> and <code>id_rsa.pub</code>. A good practice is to give it a name that | Key pairs are typically located in the <code>.ssh/</code> directory in your home directory. By default, a key is named with an "id_" prefix, followed by the key type ("rsa", "dsa", "ed25519"), and the public key also has a ".pub" suffix. So a common example is <code>id_rsa</code> and <code>id_rsa.pub</code>. A good practice is to give it a name that is meaningful to you and identify on which system the key is used. | ||
If you do need a new key, you can generate it with the <code>ssh-keygen</code> command: | If you do need a new key, you can generate it with the <code>ssh-keygen</code> command: | ||
<source lang="console"> | |||
[name@yourLaptop]$ ssh-keygen -t ed25519 | |||
</source> | |||
or | |||
<source lang="console"> | <source lang="console"> | ||
[name@yourLaptop]$ ssh-keygen -b 4096 -t rsa | [name@yourLaptop]$ ssh-keygen -b 4096 -t rsa | ||
| Line 40: | Line 44: | ||
</source> | </source> | ||
When prompted, enter a passphrase. If you already have key pairs saved with the default names, you | When prompted, enter a passphrase. If you already have key pairs saved with the default names, you should enter a different file name for the new keys to avoid overwriting existing key pairs. | ||
More details on best practices can be found [[SSH_Keys#Best_practices_for_key_pairs| here]] | |||
=Installing the public part of the key= | =Installing the public part of the key= | ||
==Installing via CCDB== | ==Installing via CCDB== | ||
We encourage all users to leverage the new CCDB feature to install their SSH public key. This will make the key available to all our clusters. | We encourage all users to leverage the new CCDB feature to install their SSH public key. This will make the key available to all our clusters. | ||
Grab the content of your public key (called id_rsa.pub in the above case) and upload it to CCDB as per instructions in [[SSH_Keys#Installing_your_key| SSH Keys Installing your key]] in the section "Using CCDB", STEP 3. | Grab the content of your public key (called id_rsa.pub in the above case) and upload it to CCDB as per instructions in [[SSH_Keys#Installing_your_key| SSH Keys Installing your key]] in the section "Using CCDB", STEP 3. | ||