Ssh

Generating Keypairs

ssh-keygen -t ed25519 -C 'some comment' -f /path/to/outfile -N 'some-password'

• -t: specify the type of key to generate. ed25519 is recommended as it is more secure and is shorter than RSA keys
• -C: a comment for the key
• -f: the output file to write the keypair to
• -N: the password used to protect the private key

Copying Identity To Server

To copy the public key that was just generated to the authorized_keys file of the server being accessed:

ssh-copy-id -i ~/.ssh/mykey.pub user@host

This doesn’t work on Windows 10’s built-in version of OpenSSH as the ssh-copy-id utility isn’t included. Run this in Powershell instead:

type $env:USERPROFILE\.ssh\mykey.pub | ssh user@host "cat >> .ssh/authorized_keys"

SSH Agent

Adding keys to the SSH agent caches them in memory so you don’t have to enter passwords for the key each time it is being used.

• How to use ssh-agent for authentication on Linux / Unix
• Configuring SSH agent on Windows

Using USB Authenticators

• How to use FIDO2 USB authenticators with SSH