What I want to do is to copy key to another host.
ssh-copy-id -i ~/.ssh/id_rsa user#host
I get error:
/usr/bin/ssh-copy-id: ERROR: failed to open ID file '[homedir].ssh/id_rsa.pub':
So there is no public key. So where is it? I tried to use command
sudo find / -name id_rsa.pub
but it only found one which I generated experimentally in my test directory. I tried sending the experimental from the test directory, but then it keeps infinitely asking paraphrase and does not send when I keep pasting.
So there is something wrong.
I could regenerate using
ssh-keygen -t rsa
but then it tries to use ~./.ssh directory
and wants to overwrite private id_rsa key. I am afraid this might brake something.
So how do I get my public key file?
Just in case someone else comes here looking for an answer to the OP's question... and to directly answer that question (namely, how can you re-generate the .pub key in a situation where it is missing, and you only have the private key)...
Here is the answer:
Regenerating a .pub key from the private key
ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
The -y option is the command instructing ssh-keygen to output your public key.
This will re-generate the .pub part of the pair. Just as the OP pointed out, if you simply generate a new pair, and replace the old private key, you will lose access to whatever servers you have already provided your public key to. Sure, you can go through the process of providing a new public key to those servers, but why go through that hassle if it can be easily avoided?
RSA keys work on pairs. You can generate ssh private and public keys any number of times..it does not break anything. It simply replaces the old one with a newly generated keys. This only requires you to copy the newly generated public key id_rsa.pub to your remote machine's ~/.ssh/authorized_keys file in order for you to access secure shell using rsa keys.
So generate new rsa keys on your home's .ssh directory (your old keys are replaced by new ones) and copy to the remote host's .ssh directory
cd /home/<your_username>/.ssh
ssh-keygen -t rsa
scp ~/.ssh/id_rsa.pub remote_username#host:~/.ssh/authorized_keys
then
ssh remote_username#host
Keep passphrase empty while generating your new keys unless you want to enter passphrase every time you try to make a ssh connection.
NOTE: you need to append your public key to authorized_keys file in remote host's ~/.ssh directory if it already exists holding other client's public keys.
Related
I accidentally deleted my id_rsa_gitlab file, and when I wanted to clone from GitLab, I received this error.
no such identity:/Users/directory/.ssh/id_rsa_gitlab: No such file or directory
I'm new to pipelines, and I tried to follow tutorials on how to configure .ssh, but it's just the id_rsa file that gets configured.
The command would be:
ssh-keygen -t rsa -P "" -f /Users/directory/.ssh/id_rsa_gitlab
That would restore a private/public key, and you need to register the public key to your account.
Check which Host entry references that private key in your /Users/directory/.ssh/config file.
Generate a new SSH key and add it to your GitLab repository.
See Adding your SSH key to GitLab.
I have already copied an SSH key to a server with ssh-copy-id -i ~/.ssh/skynet_key.pub.
Now I am building the gitlab-ci pipeline and have generated an new SSH key pair on my computer. I saved the private key as a variable in my gitlab project account.
Now I want to upload the new public key to the server.
My question is can I do this again from my local computer with ssh-copy-id?
Because I already have an SSH key pair distributed on both systems.
Would there be any problems here?
If so, how can I transfer the public key to the server?
Manually add the pubKey to authorized_keys?
As mentioned here, you can use the -o option (passed to SSH) to specify an existing key, in order to copy your second key:
ssh-copy-id -i ~/.ssh/<your-new-id-to-install> \
-o 'IdentityFile ~/.ssh/<your-already-existing-id>' \
<servername>`
I'm using Yubikey 5 NFC and want to move my openssh key into it so that I can authenticate for ssh login via this Yubikey.
Maybe you will suggest to generate a new gpg keypair for Yubikey and use the gpg-agent instead of ssh-agent to authenticate. But I still want to move my current ssh private key into Yubikey because this way I don't have to edit authorized_keys everywhere.
I tried to do this following this article:
https://www.mvps.net/docs/how-to-add-your-existing-ssh-key-to-yubikey-via-openpgp/
which suggest to use pem2openpgp from monkeysphere to translate my ssh key into gpg key and somehow write this translated gpg key into Yubikey (via keytocard command of gpg).
But after all these done. I find that the fingerprint of my ssh key is changed, this is confirmed by following command:
$ ssh-keygen -lf ~/.ssh/id_rsa.pub
$ ssh-add -l
And the fact that the fingerprint changed makes using my current ssh key meaningless -- I still need to edit authorized_keys everywhere to make the "new public key" work.
So is there any other way which can write my old ssh key into Yubikey and keep the old key's fingerprint?
I'm new to ssh and having some trouble with it.
I need to connect my pycharm on my windows10 to the remote server using OpenSSH and the private key in Tools->deployment->configuration, but now I can't see id_ed25519 or id_ed25519.pub file in the ssh file folder.
I have generated an Ed25519 key by using the following code:
cd ~
ssh-keygen -t ed25519
I can find my private and public key by the following command:
cd .ssh
ls
#return: id_ed25519 id_ed25519.pub id_rsa id_rsa.pub known_hosts
I'm wondering why the private and public key disappeared, or if they were stored somewhere else. But I can find other files returned by the command above.
I even successfully connected to my remote server using the pubkey.
Is there any solution?
I have found the answer!
I generated the key more than once. And every time I needed to copy the key to Windows file system with the following command.
cd /mnt/c/users/<my-account>/.ssh/
I have two accounts, one for personal utility, the other for work. That was where I made a mistake. I filled the wrong account in the <my-account>. That is to say, I logged into the other.
That's really silly.
Can someone confirm if it's safe to add a private key (.pem) to ~/.ssh/authorized_keys on a computer that will be connecting to a remote server (where the public key will be). I plan on using cat private-key.pem >> ~/.ssh/authorized_keys to add it. I've already changed the permissions on authorized_keys using chmod 600 ~/.ssh/authorized_keys
I've been looking the last hour and all I can see are references to the public key on the remote server. Struggling to find much relevant info on whether the above is safe or not.
I want to do the above so I can add IdentityFile ~/.ssh/authorized_keys to ~/.ssh/config to allow me connect quickly.
Sorry if this is obvious but it's been a while since I've used SSH. Thanks for looking
No. It is not. To the authorized keys, you should put public key!
You can generate public key from private key using ssh-keygen:
ssh-keygen -y -f private-key.pem > public-key.pub