Tuesday, December 26, 2006

SSH PKI

To create ssh keys:
ssh-keygen -t dsa -d 2048
Optionally leave the passphrase blank
This will create a ~/.ssh/id_dsa and ~/.ssh/id_dsa.pub file.

Check for validity
:
ssh-keygen -l -f ~/.ssh/id_dsa.pub

Copy the key to the remote server:
cat ~/.ssh/id_dsa ssh remote_host 'sh -c "cat - >>~/.ssh/authorized_keys"'

Convert commercial (SECSH) ssh private / public key to OpenSSH
ssh-keygen -i -f id_dsa.pub > id_dsa_openssh.pub # public key
ssh-keygen -i -f id_dsa > id_dsa_openssh # private key

Generate public key from private key
ssh-keygen -y -f id_dsa > id_dsa_openssh.pub

Convert OpenSSH private / public to commercial (SECSH) ssh
ssh-keygen -e -f id_dsa_openssh.pub > id_dsa.pub # public key
ssh-keygen -e -f id_dsa_openssh > id_dsa # private key

Changes the passphrase
ssh-keygen -p -N password -f id_dsa_openssh.prv > id_dsa

http://pkeck.myweb.uga.edu/ssh/
http://uaahosting.uaa.alaska.edu/axjww/sshkey/

No comments: