I want to verify that my SSH key in github matches the local file on my computer.
The github key seems to be SHA256, encoded in base64, but my local key, encoded with this command doesn't seem to match it.
$ cat ~/.ssh/github.pub | sha256sum | base64
Is there a better way to achieve what I'm trying to do?
An SSH public key in OpenSSH format contains two or three parts, separated by spaces:
The algorithm name.
A base64-encoded SSH public key in protocol format.
An optional comment.
The fingerprint of an SSH key is the base64-encoded SHA-256 hash of the raw public key (that is, without the base64 encoding). You can script this, but fortunately, there's an easy way to find it out using ssh-keygen:
$ ssh-keygen -l -f ~/.ssh/id_ed25519.pub
You can change the file name for the public key to the appropriate one on your system. On my system, the output looks like this:
256 SHA256:E59Xzh/fsZKkCEL46kTLbPFGXyIodA+ntsQL0JWmq9Y bmc#camp (ED25519)
The fingerprint is the second piece.
A simple way to test that they match is by authenticating by ssh in the command line.
After setting up your ssh-key, type:
ssh -T git#github.com
https://docs.github.com/en/authentication/connecting-to-github-with-ssh/testing-your-ssh-connection
This one will use only the key supplied in -i for auth:
ssh -i ~/.ssh/github -o IdentityAgent=none -T git#github.com
Related
I generated the SSH key using the command: $ ssh-keygen, It prompted for a filename and phrase, which I provided and generated the corresponding file. Then from github.com I added the SSH key from settings>SSH and GPG keys where I pasted the key in the generated file. Then I hit the command $ ssh -T git#github.com in the terminal which gave me a :Permission denied (publickey). message. What does this message mean and why am I getting this? Previously I didn't have trouble with this.
where I pasted the key in the generated file.
Make sure it was:
the id_rsa.pub file, meaning the public key (not the private one)
the public key pasted as one continuous line (not multiple lines)
Check also you have added your private key to the ssh-agent. (in order to not enter the passphrase every time)
Is there any option to rename the encrypted file in gpg?
For example, when I encrypt a file (eg. file1.txt) I use the command
gpg --encrypt --sign --armor -r person#email.com file1.txt
What I want is to rename the encrypted file to something like enc-file1.txt
Is it possible?
The man page, which you really should have checked first, tells me
--output file
-o file
Write output to file.
More information can be found in the gnupgp documentation.
is there something wrong with this scp command ?
scp -C -i ./remoteServerKey.ppk -r /var/www/* root#192.168.0.15:/var/www
I use the same .ppk as in putty and enter the same passphrase, but it asks me 3 times and than says connection denied. I thought I used it before and it worked, but it isnĀ“t atm.
If it is wrong, how should I do it ?
or you can also do ( for pem file )
scp -r -i file.pem user#192.10.10.10:/home/backup /home/user/Desktop/
Covert .ppk to id_rsa using tool PuttyGen, (http://mydailyfindingsit.blogspot.in/2015/08/create-keys-for-your-linux-machine.html) and
scp -C -i ./id_rsa -r /var/www/* root#192.168.0.15:/var/www
it should work !
Putty doesn't use openssh key files - there is a utility in putty suite to convert them.
edit: it is called puttygen
The command looks quite fine. Could you try to run -v (verbose mode) and then we can figure out what it is wrong on the authentication?
Also as mention in the other answer, maybe could be this issue - that you need to convert the keys (answered already here): How to convert SSH keypairs generated using PuttyGen(Windows) into key-pairs used by ssh-agent and KeyChain(Linux) OR http://winscp.net/eng/docs/ui_puttygen (depending what you need)
I have created lately in Windows ssh key - so I have .ppk file. Converted it also to openssh.
In windows I have been using tortoise with pageant to connect to svn+ssh server. Now I want to switch to linux. How can I connect to svn+ssh with this key .ppk or opessh file. I would like to use PagaVCS or RabbitVCS but it keeps asking me for login and password which obviously I don't have because I have only this openssh or .ppk file. Anyone could help??
Use puttygen to convert the key to openssh format. It is for example described here: http://leadingedgescripts.co.uk/server-administration/how-to-convert-your-putty-ppk-private-key-to-a-normal-ssh-key-you-can-use-on-an-apple-mac/
Unfortunately no experience with either Rabbit or the other one. In *nix environment I would create $HOME/.ssh/config and write something like that:
Host host
User user
IdentityFile /path/to/your/key
And then use svn+ssh://host/directory (ssh then takes configuration information from the .ssh/config file). Maybe something like can be done with one of the VCS's?
As last (or first in my case) resort I'd use cygwin or mingw and configure ssh access there - and then configure the tools to use ssh coming from these packages.
Puttygen exports private keys DES encoded, which causes some software (e.g. OpenSSH on Ubuntu) to silently ignore the key and prompt for password.
To use PuTTY .ppk key in linux OpenSSH, first export the key:
Start puttygen
File -> Loadprivate key
Conversions -> Export OpenSSH key (private.key in this example)
Now, on the linux machine, re-encrypt the key using passphrase change command:
ssh-keygen -pf private.key
Enter the same passphrase 3 times (old, new, new) to actually not change it.
Now you can check the key file that DEK-Info: changed from something like DES-EDE3-CBC,F1785C4B846C781F to AES-128-CBC,916627D6328608175FA4545928372EA3.
The client application should not promt you for password anymore.
I am sure the answer for this was online but I can't seem to find it anywhere any more so here it is from beginning to end including the conversion you say you've done:
Open puttygen on Windows.
Load your private key (name.ppk) using the passphrase if needed.
Go to 'Conversions' -> 'Export OpenSSH Key' and save it as (I'll assume you called it 'fileName').
Copy this key into your home directory on Linux.
Open a terminal and move it to the .ssh directory with the command 'mv fileName .ssh/' (~/.ssh is hidden in the gui but it's there).
Navigate to the .ssh dir with 'cd .ssh'
Cat the file into a new file called id_rsa with the command 'cat fileName > id_rsa'.
Change the permissions on id_rsa to 600 with the command 'chmod 600 id_rsa'.
Finally make sure the .ssh directory has its permissions set to 700 'cd ..' to drop to the home directory and 'chmod 700 .ssh' to set permissions.
This should do it.
There must be better info out there but this link has some stuff you might find interesting, particularly the bit about permission http://www.lamolabs.org/blog/6241/one-liner-working-with-ssh-keygen-ssh-key-pair-files/
Im writing a shell script to use the scp command (ssh) to transfer a file across to a computer. This obviously is password protected is there a way on either end to either...disable the password or to auto complete the password for the customer?
This out of pure convience and I have no idea if it is possible (im fairly new to linux), any help or pointers would be appreciated.
Thanks in advance
You can generate a pair of RSA/DSA keys (public and private). In your terminal:
$ ssh-keygen
It will generate a pair of files:
Private key: .ssh/id_dsa
Public key: .ssh/id_dsa.pub
Then, if you have access to remote host, you can add your public key to .ssh/authorized_keys file. In your remote host, copy the public key and use the following command:
cat id_dsa.pub >> .ssh/authorized_keys
You should you public key identification if you have access to SSH keys on both machines.
have a look at ssh keys. github has a nice intro