version=pmwiki-2.2.130 ordered=1 urlencoded=1 agent=w3m/0.5.3+git20210102 author=jrmu charset=UTF-8 csum= ctime=1607336133 host=38.87.162.8 name=Openbsd.Sshkeys rev=9 targets= text=(:redirect ssh.fingerprints:)%0aYou can use this script to quickly get the ssh fingerprints for all ssh keys:%0a%0a!! SSH Fingerprints%0a%0a[@%0assh-keygen -E md5 -lf /etc/ssh/ssh_host_dsa_key.pub%0assh-keygen -E md5 -lf /etc/ssh/ssh_host_ecdsa_key.pub%0assh-keygen -E md5 -lf /etc/ssh/ssh_host_ed25519_key.pub%0assh-keygen -E md5 -lf /etc/ssh/ssh_host_rsa_key.pub%0assh-keygen -lf /etc/ssh/ssh_host_dsa_key.pub%0assh-keygen -lf /etc/ssh/ssh_host_ecdsa_key.pub%0assh-keygen -lf /etc/ssh/ssh_host_ed25519_key.pub%0assh-keygen -lf /etc/ssh/ssh_host_rsa_key.pub%0a@]%0a%0aThe first five are MD5 hashes and are used by PuTTY. The last five will be used by Mac/Linux.%0a%0a!! Generating SSH Keys%0a%0a[@%0a$ ssh-keygen -t ed25519%0aGenerating public/private ed25519 key pair.%0aEnter file in which to save the key (/home/username/.ssh/id_ed25519): %0aEnter passphrase (empty for no passphrase): %0aEnter same passphrase again: %0aYour identification has been saved in /home/username/ssh/id_ed25519%0aYour public key has been saved in /home/username/ssh/id_ed25519.pub%0aThe key fingerprint is:%0a...%0a@]%0a%0aSave the key fingerprint and image art, you will use it for verifying the key later.%0a%0aYou can repeat this process with other types of keys:%0a%0aNow, read ~/.ssh/id_ed25519.pub:%0a%0a[@%0a$ cat .ssh/id_ed25519.pub%0a@]%0a%0aYou will add this line to the bottom of ~/.ssh/authorized_keys on the server. So, we login then edit that file:%0a%0a[@%0a$ ssh username@example.ircnow.org%0a$ vi .ssh/authorized_keys%0a@]%0a%0a!! Alternative SSH Keys%0a%0aOn your desktop PC, you can generate other ssh key types:%0a%0a[@%0a$ ssh-keygen -t ecdsa -a 100%0a$ ssh-keygen -t rsa -b 4096 -o -a 100%0a@]%0a%0a!! Publish SSHFP%0a%0aTo publish ssh keys online, run:%0a%0a[@%0a$ ssh-keygen -r ircnow.org %0aircnow.org IN SSHFP 1 1 7251d06cf5cf9312b502388edd93ff924c52a73a%0aircnow.org IN SSHFP 1 2 a0f433e68e5ba29f23825b21a23660d94a5b8a814cd71827fb75cfb4e84e4c49%0aircnow.org IN SSHFP 2 1 22ccda0cafee42f3e2cc53d5f695244677a1a88f%0aircnow.org IN SSHFP 2 2 88fbc099391d1e37330409978e68bdeebc50fe9bc41c5e2fd4a2d29ecde20409%0aircnow.org IN SSHFP 3 1 c9a19b42a7165596f0d0e5bfa947232978901dcb%0aircnow.org IN SSHFP 3 2 6a9facbb8693644063b1eee91cfce24ada5536ff52df98210fae3d350fffaf34%0aircnow.org IN SSHFP 4 1 4dc3d59ef28733c89f83e0e078b10a4a816e2a04%0aircnow.org IN SSHFP 4 2 a1f1388dff27d02f942ea5a9e2cb6008ae3e0a61622e5ff2b1ce746b32049152%0a@]%0a%0aReplace ircnow.org with your domain. Those records can then be added to your nameserver's zone files.%0a time=1628527366 author:1628527366=jrmu diff:1628527366:1613643862:=1d0%0a%3c (:redirect ssh.fingerprints:)%0a75c74%0a%3c Replace ircnow.org with your domain. Those records can then be added to your nameserver's zone files.%0a---%0a> Replace ircnow.org with your domain. Those records can then be added to your nameserver's zone files.%0a\ No newline at end of file%0a host:1628527366=38.87.162.8 author:1613643862=jrmu diff:1613643862:1613642406:=56,74c56%0a%3c @]%0a%3c %0a%3c !! Publish SSHFP%0a%3c %0a%3c To publish ssh keys online, run:%0a%3c %0a%3c [@%0a%3c $ ssh-keygen -r ircnow.org %0a%3c ircnow.org IN SSHFP 1 1 7251d06cf5cf9312b502388edd93ff924c52a73a%0a%3c ircnow.org IN SSHFP 1 2 a0f433e68e5ba29f23825b21a23660d94a5b8a814cd71827fb75cfb4e84e4c49%0a%3c ircnow.org IN SSHFP 2 1 22ccda0cafee42f3e2cc53d5f695244677a1a88f%0a%3c ircnow.org IN SSHFP 2 2 88fbc099391d1e37330409978e68bdeebc50fe9bc41c5e2fd4a2d29ecde20409%0a%3c ircnow.org IN SSHFP 3 1 c9a19b42a7165596f0d0e5bfa947232978901dcb%0a%3c ircnow.org IN SSHFP 3 2 6a9facbb8693644063b1eee91cfce24ada5536ff52df98210fae3d350fffaf34%0a%3c ircnow.org IN SSHFP 4 1 4dc3d59ef28733c89f83e0e078b10a4a816e2a04%0a%3c ircnow.org IN SSHFP 4 2 a1f1388dff27d02f942ea5a9e2cb6008ae3e0a61622e5ff2b1ce746b32049152%0a%3c @]%0a%3c %0a%3c Replace ircnow.org with your domain. Those records can then be added to your nameserver's zone files.%0a\ No newline at end of file%0a---%0a> @]%0a\ No newline at end of file%0a host:1613643862=198.251.81.119 author:1613642406=jrmu diff:1613642406:1613642131:=3,4d2%0a%3c !! SSH Fingerprints%0a%3c %0a17,18d14%0a%3c %0a%3c !! Generating SSH Keys%0a host:1613642406=198.251.81.119 author:1613642131=jrmu diff:1613642131:1613642113:=44,45d43%0a%3c %0a%3c !! Alternative SSH Keys%0a host:1613642131=198.251.81.119 author:1613642113=jrmu diff:1613642113:1612796766:=30,31d29%0a%3c You can repeat this process with other types of keys:%0a%3c %0a43,49d40%0a%3c @]%0a%3c %0a%3c On your desktop PC, you can generate other ssh key types:%0a%3c %0a%3c [@%0a%3c $ ssh-keygen -t ecdsa -a 100%0a%3c $ ssh-keygen -t rsa -b 4096 -o -a 100%0a host:1613642113=198.251.81.119 author:1612796766=jrmu diff:1612796766:1612790170:=29,41d28%0a%3c %0a%3c Now, read ~/.ssh/id_ed25519.pub:%0a%3c %0a%3c [@%0a%3c $ cat .ssh/id_ed25519.pub%0a%3c @]%0a%3c %0a%3c You will add this line to the bottom of ~/.ssh/authorized_keys on the server. So, we login then edit that file:%0a%3c %0a%3c [@%0a%3c $ ssh username@example.ircnow.org%0a%3c $ vi .ssh/authorized_keys%0a%3c @]%0a\ No newline at end of file%0a host:1612796766=198.251.81.119 author:1612790170=jrmu diff:1612790170:1607336172:=14,28c14%0a%3c The first five are MD5 hashes and are used by PuTTY. The last five will be used by Mac/Linux.%0a%3c %0a%3c [@%0a%3c $ ssh-keygen -t ed25519%0a%3c Generating public/private ed25519 key pair.%0a%3c Enter file in which to save the key (/home/username/.ssh/id_ed25519): %0a%3c Enter passphrase (empty for no passphrase): %0a%3c Enter same passphrase again: %0a%3c Your identification has been saved in /home/username/ssh/id_ed25519%0a%3c Your public key has been saved in /home/username/ssh/id_ed25519.pub%0a%3c The key fingerprint is:%0a%3c ...%0a%3c @]%0a%3c %0a%3c Save the key fingerprint and image art, you will use it for verifying the key later.%0a---%0a> The first five are MD5 hashes and are used by PuTTY. The last five will be used by Mac/Linux.%0a\ No newline at end of file%0a host:1612790170=198.251.81.119 author:1607336172=jrmu diff:1607336172:1607336133:= host:1607336172=198.251.81.119 author:1607336133=jrmu diff:1607336133:1607336133:=1,14d0%0a%3c You can use this script to quickly get the ssh fingerprints for all ssh keys:%0a%3c %0a%3c [@%0a%3c ssh-keygen -E md5 -lf /etc/ssh/ssh_host_dsa_key.pub%0a%3c ssh-keygen -E md5 -lf /etc/ssh/ssh_host_ecdsa_key.pub%0a%3c ssh-keygen -E md5 -lf /etc/ssh/ssh_host_ed25519_key.pub%0a%3c ssh-keygen -E md5 -lf /etc/ssh/ssh_host_rsa_key.pub%0a%3c ssh-keygen -lf /etc/ssh/ssh_host_dsa_key.pub%0a%3c ssh-keygen -lf /etc/ssh/ssh_host_ecdsa_key.pub%0a%3c ssh-keygen -lf /etc/ssh/ssh_host_ed25519_key.pub%0a%3c ssh-keygen -lf /etc/ssh/ssh_host_rsa_key.pub%0a%3c @]%0a%3c %0a%3c The first five are MD5 hashes and are used by PuTTY. The last five will be used by Mac/Linux.%0a\ No newline at end of file%0a host:1607336133=198.251.81.119