ssh-keygen -t rsa -b 4096 -C "user@domain"
ssh-keygen -p -f ~/.ssh/id_rsa
ssh-keygen -l
ssh-copy-id -i ~/.ssh/id_rsa.pub user@server
ssh-keygen -F <host> -l
ssh-keygen -f ~/.ssh/known_hosts -R <host>
ssh-keyscan <host>
ssh -x user@domain
sudo ufw allow proto tcp from 192.168.178.0/24 to any port 22
~/.ssh/config
: client configuration (possibly different from server to server, see Linux manual page ssh_config(5))~/.ssh/known_hosts
: known host(s) public key fingerprint (SSH will never ask you again, to accept the associated public key when SSL/TLS is running)~/.ssh/id_rsa.pub
: RSA public key2)~/.ssh/id_dsa.pub
: DSA public key3)~/.ssh/id_ecdsa.pub
: ECDSA public key~/.ssh/id_ed25519.pub
: (Bernstein) Curve ed25519 public key~/.ssh/id_rsa
: RSA private key
See below for a ~/.ssh/config
example, which uses client keep-alive and connection multiplexing (for a particular host).
Host <name> HostName <host> IdentityFile ~/.ssh/id_rsa User <user> EscapeChar none # multiplexing ControlPath ~/.ssh/controlmasters/%r@%h:%p ControlMaster auto ControlPersist 3h # keep-alive TCPKeepAlive yes ServerAliveInterval 15 ServerAliveCountMax 4