# HG changeset patch # User Oleksandr Gavenko # Date 1675724019 -7200 # Node ID 70383fa8bf12d798e4b2846aedfbc3559785ef7a # Parent c83fb8d3809fdcc097c881632b65f8d19b3efbfc About copying SSH pubkey. diff -r c83fb8d3809f -r 70383fa8bf12 ssh.rst --- a/ssh.rst Tue Feb 07 00:39:25 2023 +0200 +++ b/ssh.rst Tue Feb 07 00:53:39 2023 +0200 @@ -42,21 +42,21 @@ $ ssh-keygen -p -N "newphrase" -P "oldphrase" -f ~/.ssh/id_dsa -Coping and deleting public keys -=============================== +To copy your public key to a remote host (for automatic login by a pubkey authentication):: -To copy your public key to remote host (for automatic login by pubkey -authentication):: + $ ssh-copy-id $user@$host $ ssh $user@$host cat ">>" "~/.ssh/authorized_keys" <~/.ssh/id_rsa.pub - # public pub key on remote host - - $ ssh-copy-id $user@$host # alternative to previous command - Dealing with server pubkeys =========================== +To remove a host fingerprint from a local ``known_hosts`` (if you changed a server pubkey or changed +a server):: + + $ ssh-keygen -R hostname + $ ssh-keygen -R hostname -f ~/.ssh/known_hosts + Each SSH server keeps a single priv key, sharing a common pub key with all clients. It is an identity of the server and upon a new connection you are asked to trust this pub key. After accepting the pub key it is written to ``~/.ssh/known_hosts``. @@ -75,12 +75,6 @@ ssh-keygen -E md5 -lf <(ssh-keyscan $HOST 2>/dev/null) -To remove ``known_hosts`` key (it is usually needed if you change a server pubkey or change a -server):: - - $ ssh-keygen -R hostname - $ ssh-keygen -R hostname -f ~/.ssh/known_hosts - Disabling pubkey ================ ::