This is an extension of [[shell:putty|How to login into shell via PuTTY/Windows]], [[start:using_a_mac_to_access_your_shell|How to login into shell via Macintosh]] and [[shell:termux|How to login into shell via Android using Termux]]
====== Using SSH Keys ======
===== What is it? =====
Secure SHell (SSH) keys are essentially the use of manually generating a public-private key pair to perform the authentication. This allows users or programs to log in without having to specify a password.
More information can be found here [[https://en.wikipedia.org/wiki/Secure_Shell]]
===== Why? =====
* Public key (pubkey or SSH key) are more secure than password-only login,
* It does not require the end user to remember their password in order to login,
* It is __not__ mandatory to use this feature but //is// recommended if you are conscious over security.
===== How? =====
For now, this page acts as a placeholder. Depending on your device, you may wish to refer to the following websites for more information on how to set it up.
===== RSA vs ecdsa vs ed25519 =====
We accept RSA, ecdsa and ed25519 keys.
In case you are wondering, **ed25519** appears to be the most robust algorithm, followed by ecdsa and then RSA.
Pick one.
==== Windows via PuTTY ====
[[https://devops.ionos.com/tutorials/use-ssh-keys-with-putty-on-windows/]]
==== Windows via CMD, Linux and MacOS ====
[[https://confluence.atlassian.com/bitbucketserver/creating-ssh-keys-776639788.html]]
==== Android ====
=== Install termux from PlayStore or F-Droid ===
Install openssh:
$ pkg install openssh
=== Generate key pair ===
$ ssh-keygen -t ed25519
Generating public/private ed25519 key pair.
Enter file in which to save the key (/data/data/com.termux/files/home/.ssh/id_ed25519): [enter] or specify where you want to store both keys
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /data/data/com.termux/files/home/.ssh/id_ed25519.
Your public key has been saved in /data/data/com.termux/files/home/.ssh/id_ed25519.pub
=== Copy your public key to our server and login in using public key authentication method ===
$ ssh-copyid /data/data/com.termux/files/home/.ssh/id_ed25519.pub youruser@shell.ircnow.org
$ ssh -i /data/data/com.termux/files/home/.ssh/id_ed25519.pub youruser@shell.ircnow.org
=== Bookmark this connection ===
$ vi /data/data/com.termux/files/home/.ssh/config
Host shell
HostName shell.ircnow.org
User youruser
Port 22
IdentityFile /data/data/com.termux/files/home/.ssh/id_ed25519
Congratulations. You may now login to our shell securely by simply running:
$ ssh shell
==== UNIX-like OS (BSD, Linux, Minix, illumos, MacOS) ====
=== Generate key pair ===
$ ssh-keygen -t ed25519
Generating public/private ed25519 key pair.
Enter file in which to save the key ($HOME/.ssh/ed25519): [enter] or specify where you want to store both keys
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in $HOME/.ssh/ed25519.
Your public key has been saved in $HOME/.ssh/.ssh/ed25519.
=== Copy your public key to our server and login in using public key authentication method ===
$ ssh-copyid $HOME/.ssh/ed25519.pub youruser@shell.ircnow.org
$ ssh -i $HOME/.ssh/ed25519.pub youruser@shell.ircnow.org
=== Bookmark this connection ===
$ vi $HOME/.ssh/config
Host shell
HostName shell.ircnow.org
User youruser
Port 22
IdentityFile $HOME/.ssh/ed25519
Congratulations. You may now login to our shell securely by simply running:
$ ssh shell