Commands using ssh-keygen

Works for multiple hosts (such as www.google.com) and/or wrong hosts.

Quick shortcut if you know the hostname and want to save yourself one step for looking up the IP address separately.

remove the host for the .ssh/know_host file

Now at the end of the rsa.pub file, there is our comment like=

".................peXeuE0ytJgpQcXeR5aHlfLa8dAt0obasd hello@world"

Will return the SSH server key information for each host you have in your ~/.ssh/known_hosts file, including key size, key fingerprint, key IP address or domain name, and key type.

Protects your secret identity with a passphrase.

OSX 10.6 automatically does key forwarding and can store the passphrase in the keychain.

For other OSes, use ssh -A or set ForwardAgent in ssh_config to enable forwarding. Then use ssh-agent/ssh-add.

In this case it's better do to use the dedicated tool

Some servers don't have ssh-copy-id, this works in those cases.

It will ask for the destination server, this can be IP, hostname, or user@hostname if different from current user.

Ssh keygen will let you know if a pubkey already exists on your system and you can opt to not overwrite it.

this command test the moduli file generated by the command ssh-keygen -G /tmp/moduli-2048.candidates -b 2048 . The test can be long depend of your cpu power , around 5 minutes to 30 minutes

if you lost your moduli file in openssh server side you need generate new one with this command then test if the number generated can be used with ssh-keygen -T moduli-2048 -f /tmp/moduli-2048.candidates

Get your server's fingerprints to give to users to verify when they ssh in. Publickey locations may vary by distro. Fingerprints should be provided out-of-band.

Quick shortcut if you know the hostname and want to save yourself one step for looking up the IP address separately.

put down the joint and rtfm :)

This command sequence allows simple setup of (gasp!) password-less SSH logins. Be careful, as if you already have an SSH keypair in your ~/.ssh directory on the local machine, there is a possibility ssh-keygen may overwrite them. ssh-copy-id copies the public key to the remote host and appends it to the remote account's ~/.ssh/authorized_keys file. When trying ssh, if you used no passphrase for your key, the remote shell appears soon after invoking ssh user@host.

Useful if you have to tunnel ssh through a local port and it complains of the host key being different. Much easier than manually editing the file.