(displaytitle) |
(Updating SSH section to add Mac instructions and reformat) |
||
Line 5: | Line 5: | ||
RSA is the de-facto standard and is supported everywhere (just choose a big enough key like 4096 bits to be secure). Ed25519 is designed to be faster and smaller withouth sacrificing security, so is best suited for embedded devices or machines with low resources. It's supported on tilde (and really on any modern system) but you may find older systems which do not support it. | RSA is the de-facto standard and is supported everywhere (just choose a big enough key like 4096 bits to be secure). Ed25519 is designed to be faster and smaller withouth sacrificing security, so is best suited for embedded devices or machines with low resources. It's supported on tilde (and really on any modern system) but you may find older systems which do not support it. | ||
Keep in mind that these instructions leave your private keys unencrypted in your local hard disk. So keep them private; never share them. A good solution is to provide a password for them at creation time, but this implies entering a password any time you used them (impractical) or use something like ssh-agent (a bit more complex) | Keep in mind that these instructions leave your private keys unencrypted in your local hard disk. So keep them private; never share them. A good solution is to provide a password for them at creation time, but this implies entering a password any time you used them (impractical) or use something like ssh-agent (a bit more complex) | ||
== | == Linux == | ||
=== | === Generating your keypair === | ||
Make sure you have a <code>~/.ssh</code> directory (the -m 700 ensures it has the correct file permissions) | |||
<code>mkdir -m 700 ~/.ssh</code> | |||
Create your keys | |||
<code>ssh-keygen -t ed25519 -a 100</code> | |||
If you press enter to accept the defaults, your public and private key will be located at <code>~/.ssh/id_ed25519.pub</code> and <code>~/.ssh/id_ed25519</code> respectively | |||
<code>cat ~/.ssh/id_ed25519.pub</code> | |||
Copy the output of the last command and paste it in the sshkey field on the signup form or email it to the relevant sign-up address for the tilde you are joining. | |||
==== Using your keypair ==== | |||
<code>ssh</code> to your tilde | |||
<code>ssh username@your.tilde</code> | |||
== Mac == | |||
=== Generating your keypair === | |||
* Open terminal (it’s in <code>/Applications/Utilities</code>) | |||
* Make sure you have a <code>~/.ssh</code> directory (the -m 700 ensures it has the correct file permissions) | |||
<code>mkdir -m 700 ~/.ssh</code> | |||
Create your keys | |||
<code>ssh-keygen -t ed25519 -a 100</code> | <code>ssh-keygen -t ed25519 -a 100</code> | ||
If you press enter to accept the defaults, your public and private key will be located at <code>~/.ssh/id_ed25519.pub</code> and <code>~/.ssh/id_ed25519</code> respectively | |||
<code>cat ~/.ssh/id_ed25519.pub</code> | |||
Copy the output of the last command and paste it in the sshkey field on the signup form or email it to the relevant sign-up address for the tilde you are joining. | |||
==== Using your keypair ==== | ==== Using your keypair ==== | ||
<code>ssh</code> to your tilde: | |||
<code>ssh username@your.tilde</code> | <code>ssh username@your.tilde</code> | ||
[[Category:Guides]] | [[Category:Guides]] |
Revision as of 13:26, 2 October 2022
The Secure Shell Protocol is a cryptographic network protocol for operating network services securely over an unsecured network. Typical applications include remote command-line, login, and remote command execution, but any network service can be secured with SSH.
SSH supports a handful of types of cryptographic keys. The most used are RSA and the more modern ed25519.
RSA is the de-facto standard and is supported everywhere (just choose a big enough key like 4096 bits to be secure). Ed25519 is designed to be faster and smaller withouth sacrificing security, so is best suited for embedded devices or machines with low resources. It's supported on tilde (and really on any modern system) but you may find older systems which do not support it.
Keep in mind that these instructions leave your private keys unencrypted in your local hard disk. So keep them private; never share them. A good solution is to provide a password for them at creation time, but this implies entering a password any time you used them (impractical) or use something like ssh-agent (a bit more complex)
Linux
Generating your keypair
Make sure you have a ~/.ssh
directory (the -m 700 ensures it has the correct file permissions)
mkdir -m 700 ~/.ssh
Create your keys
ssh-keygen -t ed25519 -a 100
If you press enter to accept the defaults, your public and private key will be located at ~/.ssh/id_ed25519.pub
and ~/.ssh/id_ed25519
respectively
cat ~/.ssh/id_ed25519.pub
Copy the output of the last command and paste it in the sshkey field on the signup form or email it to the relevant sign-up address for the tilde you are joining.
Using your keypair
ssh
to your tilde
ssh username@your.tilde
Mac
Generating your keypair
- Open terminal (it’s in
/Applications/Utilities
) - Make sure you have a
~/.ssh
directory (the -m 700 ensures it has the correct file permissions)
mkdir -m 700 ~/.ssh
Create your keys
ssh-keygen -t ed25519 -a 100
If you press enter to accept the defaults, your public and private key will be located at ~/.ssh/id_ed25519.pub
and ~/.ssh/id_ed25519
respectively
cat ~/.ssh/id_ed25519.pub
Copy the output of the last command and paste it in the sshkey field on the signup form or email it to the relevant sign-up address for the tilde you are joining.
Using your keypair
ssh
to your tilde:
ssh username@your.tilde