How it works?

1. Local creates public_key (id_rsa.pub) & private_key (id_rsa).
2. Only private_key can understand public_key.
3. Remote sends messages encrypted based on public_key.
4. Local has to use private_key to understand (decrypt) remote's messages.

Generate a public key

• Windows: Using below command, if it asks for a location, indicate C:\\Users\\dinha\\.ssh\\

• Linux: /home/thi/.ssh/

  ssh-keygen -t rsa -b 4096 -C "[email protected]"
  # without email
  ssh-keygen -t rsa -f ~/.ssh/id_rsa.home
  

Multiple ssh keys

1. Create key with different names, e.g. id_rsa.home, id_rsa.work.

2. Add to ~/.ssh/config,

   Host home
   Hostname home.example.com
   IdentityFile ~/.ssh/id_rsa.home
   User <your home acct>
   #
   Host work
   Hostname work.example.com
   IdentityFile ~/.ssh/id_rsa.work
   User <your work acct>
   

3. Add to ssh-agent (don't need to retype password again)

   eval "$(ssh-agent -s)"
   ssh-add ~/.ssh/id_rsa.home
   ssh-add ~/.ssh/id_rsa.work
   

4. Don't forget to clone you repo with git instead of https.

Add public key to remote

Suppose that we wanna connect to a remote host [email protected] from a local machine.

1. On local machine, copy public key at C:/Users/dinha/.ssh (Windows) and ~/.ssh (Linux) (something like id_rsa.pub) (copy its content).
2. On remote server (Linux), go to ~/.ssh, open file authorized_keys by vim authorized_keys
   1. Be carefull, you can modify the current keys!
   2. Go to the end of this file (by W)
   3. Press I to enter to the editing mode, press Enter for a new line.
   4. Using mouse to copy/paste the key in the 1st step (on your local machine).
   5. Note that, each key stays in a separated line.
   6. ESC and then type :wq to quick and save.
   7. Try to connect again!

Connecting

ssh remote_username@remote_host
ssh remote_username@remote_host -p remote_port

# CHECK VERSION
ssh -V

# DISCONNECT
exit