ssh.rst
changeset 2538 1f827ee55f7c
parent 2520 787ff2658636
child 2546 d1bb9d4ecb30
2537:a222347b6993 2538:1f827ee55f7c
    34   ssh-keygen -y -f ~/.ssh/id_dsa >~/.ssh/id_dsa.pub
    34   ssh-keygen -y -f ~/.ssh/id_dsa >~/.ssh/id_dsa.pub
    35 
    35 
    36 Show fingerprint::
    36 Show fingerprint::
    37 
    37 
    38   ssh-keygen -l -f ~/.ssh/id_dsa
    38   ssh-keygen -l -f ~/.ssh/id_dsa
       
    39   ssh-keygen -E md5 -l -f ~/.ssh/id_dsa
    39 
    40 
    40 Change passphrase of priv key::
    41 Change passphrase of priv key::
    41 
    42 
    42   $ ssh-keygen -p -N "newphrase" -P "oldphrase" -f ~/.ssh/id_dsa
    43   $ ssh-keygen -p -N "newphrase" -P "oldphrase" -f ~/.ssh/id_dsa
    43 
    44 
    50   $ ssh $user@$host cat ">>" "~/.ssh/authorized_keys" <~/.ssh/id_rsa.pub
    51   $ ssh $user@$host cat ">>" "~/.ssh/authorized_keys" <~/.ssh/id_rsa.pub
    51                                      # public pub key on remote host
    52                                      # public pub key on remote host
    52 
    53 
    53   $ ssh-copy-id  $user@$host         # alternative to previous command
    54   $ ssh-copy-id  $user@$host         # alternative to previous command
    54 
    55 
    55 To remove ``known_hosts`` key (usually need if you change server pubkey or
    56 
    56 change server)::
    57 Dealing with server pubkeys
       
    58 ===========================
       
    59 
       
    60 Each SSH server keeps a single priv key, sharing a common pub key with all clients. It is an
       
    61 identity of the server and upon a new connection you are asked to trust this pub key. After
       
    62 accepting the pub key it is written to ``~/.ssh/known_hosts``.
       
    63 
       
    64 To list advertized pub keys by a server (``-H`` is host hashing/hiding host name)::
       
    65 
       
    66   ssh-keyscan $HOST
       
    67   ssh-keyscan -H $HOST
       
    68 
       
    69 To list fingerprints of the server pub keys::
       
    70 
       
    71   ssh-keygen -lf <(ssh-keyscan $HOST 2>/dev/null)
       
    72 
       
    73 To ensure MD5 output format (which is usually displayed with vast majority of existing SSH
       
    74 clients)::
       
    75 
       
    76   ssh-keygen -E md5 -lf <(ssh-keyscan $HOST 2>/dev/null)
       
    77 
       
    78 To remove ``known_hosts`` key (it is usually needed if you change a server pubkey or change a
       
    79 server)::
    57 
    80 
    58   $ ssh-keygen -R hostname
    81   $ ssh-keygen -R hostname
    59   $ ssh-keygen -R hostname -f ~/.ssh/known_hosts
    82   $ ssh-keygen -R hostname -f ~/.ssh/known_hosts
    60 
    83 
    61 Disabling pubkey
    84 Disabling pubkey
    62 ================
    85 ================
    63 ::
    86 ::
    64 
    87 
    65   ssh -o PreferredAuthentications=password -o PubkeyAuthentication=no user@host
    88   ssh -o PreferredAuthentications=password -o PubkeyAuthentication=no user@host
    66 
    89 
    67 Shell login.
    90 Shell login
    68 ============
    91 ===========
    69 ::
    92 ::
    70 
    93 
    71   $ ssh $user@$host
    94   $ ssh $user@$host
    72   $ ssh $user@$host:$port
    95   $ ssh $user@$host:$port
    73 
    96