
SSH Keys & SSH-Config

SSH-Keys importieren

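# Create ~/.ssh with owner-only access first: on a fresh account the directory may not
# exist yet, and nano cannot save into a missing directory
mkdir -p ~/.ssh
chmod 700 ~/.ssh

# Paste the private key under a restrictive umask (subshell, so the login shell's umask is
# untouched); the file is then never group/world-readable, not even before the chmod below
(umask 077; nano ~/.ssh/id_NAME_rsa)
nano ~/.ssh/id_NAME_rsa.pub

# Permissions: private key owner-only, public key may be world-readable
chmod 600 ~/.ssh/id_NAME_rsa
chmod 644 ~/.ssh/id_NAME_rsa.pub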

zum SSH-Agenten hinzufügen:

# Load the private key into the running ssh-agent (asks for the passphrase if the key has one)
ssh-add ~/.ssh/id_NAME_rsa

Public-Key in authorized_keys speichern (nur nötig, wenn man sich mit diesem Key an diesem Rechner selbst anmelden können soll):

# Append (>>, never >) so that keys already authorised for this account are kept
cat ~/.ssh/id_NAME_rsa.pub >> ~/.ssh/authorized_keys

# sshd with StrictModes (the default) ignores an authorized_keys file that group/others can write
chmod 600 ~/.ssh/authorized_keys

Public-Key auf dem entfernten Server in dessen authorized_keys eintragen:

# Copies the default key (~/.ssh/id_rsa.pub according to the author; which key ssh-copy-id
# picks without -i depends on its version and on the keys loaded in the agent — verify)
ssh-copy-id user@remote-server

# With a specific key
ssh-copy-id -i ~/.ssh/id_NAME_rsa.pub user@remote-server

# With a non-default port
ssh-copy-id -i ~/.ssh/id_NAME_rsa.pub -p 2222 user@remote-server

# Forced mode (-f): copy only the public key without checking whether it is already installed
# on the server, so the matching private key does not have to be present locally.
# NOTE: 123.456.789.100 is a placeholder, not a valid IPv4 address; substitute the real host.
ssh-copy-id -f -i ~/.ssh/id_NAME_ed25519.pub root@123.456.789.100

SSH-Config

# Edit root's per-user ssh client configuration; ssh rejects this file if others can write to it
nano /root/.ssh/config

.ssh/config:

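# Alias "storagebox": connect to the storage box on port 23 as user u12345
Host storagebox
    Hostname u12345.your-storagebox.de
    Port 23
    User u12345
    # Keep exactly one IdentityFile line active, pointing at wherever the private key really
    # lives. Free text such as "ODER" inside the block is not valid ssh_config syntax and makes
    # ssh abort with "Bad configuration option", so the alternative is kept as a comment.
    IdentityFile /root/.ssh/id_admin_ed25519
    # IdentityFile /config/ssh_keys/id_admin_ed25519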

Wenn dann noch die Meldung „WARNING: UNPROTECTED PRIVATE KEY FILE!“ kommt, einfach die Dateirechte des Keys einschränken:

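# chmod (not chown) sets the file mode; "chown 600" would instead try to hand the key to UID 600
# and leave the permissions that trigger the warning unchanged
chmod 600 /config/ssh_keys/id_admin_ed25519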

Verbindung aufrechterhalten (wenn zu häufig die Meldung „Broken pipe“ kommt):

# Keep the connection alive: after 30 s without data from the server the client sends a
# keepalive probe through the encrypted channel, and it disconnects after 3 unanswered
# probes (roughly 90 s)
Host *
    ServerAliveInterval 30
    ServerAliveCountMax 3

 

Weiteres Beispiel für eine .ssh/config:

# Only public-key authentication is attempted for this host
Host gitlab.blentwurg.com
  PreferredAuthentications publickey
  # NOTE(review): IdentityFile normally names the private key. Pointing it at a .pub file only
  # works when the matching private key is already loaded in ssh-agent — confirm this is intended.
  IdentityFile ~/.ssh/gitlab.pub

# Git host reached on port 222 as user "git"
Host git.MEINEDOMAIN.com
  HostName git.MEINEDOMAIN.com
  Port 222
  User git
  IdentityFile ~/.ssh/id_rsa

oder 

# Keep connections alive. ssh uses the first value it finds for each option, so these defaults
# apply to every host below because none of them sets ServerAlive* itself.
Host *
    ServerAliveInterval 30
    ServerAliveCountMax 3

# Main SSH key
# Comment this line out, and also comment out the host-specific IdentityFile lines, when the
# SSH keys are fetched from the Bitwarden vault
# NOTE(review): when an agent holds several keys, ssh may offer all of them to a server before
# the configured one; "IdentitiesOnly yes" limits it to the configured identities — consider it.
# IdentityFile /home/eix/.ssh/id_rsa_eiketower


# hz-01 .. hz-03: root logins using the pl-admin ed25519 key
Host hz-01
    HostName hetzner-01.DOMAIN.de
    IdentityFile ~/.ssh/id_pl-admin_ed25519
    User root

Host hz-02
    HostName hetzner-02.DOMAIN.de
    IdentityFile ~/.ssh/id_pl-admin_ed25519
    User root

Host hz-03
    HostName hetzner-03.DOMAIN.de
    IdentityFile ~/.ssh/id_pl-admin_ed25519
    User root

# mini-01 .. mini-03: addressed by private IP, login as pl-admin with the eiketower RSA key
Host mini-01-hws
    HostName 192.168.200.11
    IdentityFile ~/.ssh/id_rsa_eiketower
    User pl-admin

Host mini-02-fbs
    HostName 10.53.1.5
    IdentityFile ~/.ssh/id_rsa_eiketower
    User pl-admin

Host mini-03-sps
    HostName 10.26.1.5
    IdentityFile ~/.ssh/id_rsa_eiketower
    User pl-admin

# Remaining hosts: root logins with the eiketower RSA key
Host pve
    HostName 10.1.1.69
    IdentityFile ~/.ssh/id_rsa_eiketower
    User root

Host fn-01
    HostName fn-01.DOMAIN.it
    IdentityFile ~/.ssh/id_rsa_eiketower
    User root
    
Host fn-02
    HostName fn-02.DOMAIN.it
    IdentityFile ~/.ssh/id_rsa_eiketower
    User root

Vorher die Berechtigungen der Private-Keys setzen:

# Private keys must be readable by their owner only, otherwise ssh refuses to use them.
# NOTE(review): the config on this page references ~/.ssh/id_rsa_eiketower (no .ppk suffix), and
# .ppk is PuTTY's key format, which OpenSSH's IdentityFile cannot load — confirm the file name.
chmod 600 ~/.ssh/id_rsa_eiketower.ppk
chmod 600 ~/.ssh/id_pl-admin_ed25519