Ed25519

Page content

like ssh and secure keys ?

Generate Secure Key

ssh-keygen -o -a 100 -t ed25519 -C "MyFamousComment"
ssh-keygen -o -a 100 -t ed25519 -C "`whoami` `hostname`"
ssh-keygen -o -a 100 -t ed25519 -C "`whoami` `hostname` `date \"+%Y-%m-%d\"`"
ssh-keygen -o -a 100 -t ed25519 -C "`whoami` `hostname` `date \"+%Y-%m-%d %H:%M\"`"

What’s ed25519 ?

Wikipedia about Curve25519

2^{{255}}-19

Distribute Key

ssh-copy-id user@remote-server-ip-or-dns-name

Connect to Remote

Connect to Remove without Agent Forwarding (use this unless you know what you’re dooing …)

ssh -a ip-or-hostname

Connect with Agent Forwarding

or if you need Agent Forwarding

ssh -A ip-or-hostname

Confirm Agent Forwarding

to confirm if agent forwarding is working, you can check your environment:

boss ~$ env |grep SSH
SSH_TTY=/dev/ttyp0
SSH_AUTH_SOCK=/tmp/ssh-sx8jqoWoD7/agent.10207
SSH_CONNECTION=192.168.2 55484 192.168.1.1 22
SSH_CLIENT=192.168.108.2 55484 22

Check if Passphrase is set

ssh-keygen -y -f .ssh/id_ed25519

Change Passphrase

ssh-keygen -p -f .ssh/id_ed25519
Enter old passphrase:
Enter new passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved with the new passphrase.

Extract Public Key from Private Key

ssh-keygen -y -f ~/.ssh/id_ed25519
ssh-keygen -y -f ~/.ssh/id_ed25519 > ~/.ssh/id_ed25519.pub

Change Comment on Privat Key

ssh-keygen -c -C "my new comment" -f ~/.ssh/id_ed25519
Old comment: whatever-was-here
Comment 'my new comment' applied

SSH Authentication with Password (without Key)

ssh -o PreferredAuthentications=password -o PubkeyAuthentication=no -l user switchxxx

Keychain

keychain is a manager for ssh-agent, typically run from ~/.bash_profile. It allows your shells and cron jobs to easily share a single ssh-agent process. By default, the ssh-agent started by keychain is long-running and will continue to run, even after you have logged out from the system.

doas pkg_add keychain

$ keychain                                                                                                     

 * keychain 2.8.5 ~ http://www.funtoo.org
 * Starting ssh-agent...

sha256: 6056b2e3c7f4ef0db9764f90964e017065004c2453faa32a3a44f87a0c79eba7