Skip to main content

SSH

SSH Overview

Generate a goodsecure SSH key

ED25519 requires OpenSSH v6.5

ssh-keygen -t ed25519 -a 100 -f ~/.ssh/id_ed25519id_ed25519_admin -C "{my-email@domain.tld}"

You might need a second RSA key because ED25519 uses the OpenSSH format to save the private key. This new format is supported from OpenSSH v6.5.

ssh-keygen -t rsa -b 4096 -a 100 -f ~/.ssh/id_rsa_admin -C "{my-email@domain.tld}"

Information

Read a private key and output the public key (e.g. to validate the password) :

ssh-keygen -y -f ~/.ssh/id_ed25519_admin

Ressources

https://risanb.com/code/upgrade-ssh-key-to-ed25519/
https://wiki.archlinux.org/title/SSH_keys
https://dancroak.com/ssh-ed25519
https://tutox.fr/2020/04/16/generer-des-cles-ssh-qui-tiennent-la-route/
https://homputersecurity.com/2017/04/21/authentication-en-deux-etapes-sur-un-serveur-ssh-cle-publique-code-totp/

Back to top