Differences
This shows you the differences between two versions of the page.
services:2fa:ssh:linux [2025/08/20 10:40] – jansen | services:2fa:ssh:linux [2025/08/20 10:44] (current) – fix typos, emphasize security of private key jansen |
---|
======Setup Linux ssh for key based login====== | ======Setup Linux ssh for key based login====== |
| |
We need to create a private/public key set to allow passwordless login via ssh. To do this run the sshkey-ge command: | We need to create a private/public key set to allow passwordless login via ssh. To do this run the sshkey-gen command: |
| |
$ ssh-keygen -t ecdsa | $ ssh-keygen -t ecdsa |
The file ''id_ecdsa'' (without ''.pub'') is the **private key**. You will have to keep this file private, ie: no one should have access to it (so don't copy it on removable media, share it with anyone, leave it in any unprotected place, etc). __**Treat it as an actual key**__; anyone with access to this private key, has access to your account, as if you had handed over your house key to others. | The file ''id_ecdsa'' (without ''.pub'') is the **private key**. You will have to keep this file private, ie: no one should have access to it (so don't copy it on removable media, share it with anyone, leave it in any unprotected place, etc). __**Treat it as an actual key**__; anyone with access to this private key, has access to your account, as if you had handed over your house key to others. |
| |
The file ''id_ecdsa.pub'' must be transferred to the remote host. For this we can use ssh-copy-id: | The file ''id_ecdsa.pub'' is the "public" part of the key-pair. It's something similar to the key-hole in your front door: anyone is allowed to see the key-hole, but only the person who has the private key (you!) can use that key to open it. \\ |
| So, the file ''id_ecdsa.pub'' must be transferred to the remote host. For this we can use ssh-copy-id: |
| |
$ ssh-copy-id -i ~/.ssh/id_ecdsa.pub username@remote-host | $ ssh-copy-id -i ~/.ssh/id_ecdsa.pub username@remote-host |
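Review bot: The typo fix in the first paragraph is still incomplete: the new revision says "run the sshkey-gen command", but the command shown directly below it is `ssh-keygen`, so the prose should read "run the ssh-keygen command". The edit summary says it emphasizes the security of the private key, yet the ''id_ecdsa'' paragraph is identical in both revisions and the only added text describes the public key. If the aim is to strengthen the private-key guidance, that paragraph is the place to do it, for example by telling readers to set a passphrase when `ssh-keygen` prompts for one. The key-hole analogy in the added lines reads fine as written.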