Skip to main content

Linux command: ssh-keygen - Generate SSH Keys

ssh-keygen -t rsa -C

ssh-keygen — authentication key generation, management and conversion

$ ssh-keygen -t rsa -C "your@email.address"

Private and public keys are save in ~/.ssh/ directory.

$ ls ~/.ssh
authorized_keys  id_rsa  id_rsa.pub  known_hosts

Using ssh key on Microsoft Windows 10

Copy private key id_rsa to %userprofile%\.ssh folder. However, you will get warning and cannot use that private key unless you limit permission to the owner ONLY.

C:\Users\Tuyen>ssh tuyendq@002.practicehabits.net
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions for 'C:\\Users\\Tuyen/.ssh/id_rsa' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "C:\\Users\\Tuyen/.ssh/id_rsa": bad permissions
tuyendq@002.practicehabits.net's password:

Using icacls to limit permission to access id_rsa key file

:: Set key variable as full path the the private key id_rsa file ::
set key="%userprofile%\.ssh\id_rsa"

:: Remove default inheritance ::
cmd /c icacls %key% /c /t /inheritance:d

:: Set ownership to the owner ::
cmd /c icacls %key% /c /t /grant %username%:F

:: Remove All users, except the owner ::
cmd /c icacls %key% /c /t /remove Administrator Administrators SYSTEM "Authenticated Users" "Users"

:: Then verify settings ::
cmd /c icacls %key%
:: End of script

Remove passphrase, you must have your old passphrase

openssl rsa -in ~/.ssh/id_rsa -out ~/.ssh/id_rsa_new

Popular posts from this blog

Install Microsoft .NET Core SDK

.NET Core Software Development Kit (SDK) is a set of libraries and tools that allow developers to create .NET Core applications and libraries.

How to charge your device from USB Port

First of all, check BIOS Settings of your laptop or desktop Dell Look for USB PowerShare BIOS Settings: USB PowerShare Lenovo Look for Always On USB Charge in Off Mode BIOS Settings: Enable Always On USB Charge in Off Mode

Kali Linux on Raspberry Pi 2

Download Kali Linux for Raspberry Pi 2 Use xzcat to decompress and then dd to image Kali Linux to microSD on Windows 10. or use 7-zip to extract kali-linux-2019.1-rpi3-nexmon.img image file, then use rufus to write image to microSD card Login Kali Linux with default username root and password toor Tight VNC Server root@kali:~# apt install tightvncserver root@kali:~# vncserver :1 You will require a password to access your desktops. Password: Warning: password truncated to the length of 8. Verify: Would you like to enter a view-only password (y/n)? n xauth: file /root/.Xauthority does not exist New 'X' desktop is kali:1 Creating default startup script /root/.vnc/xstartup Starting applications specified in /root/.vnc/xstartup Log file is /root/.vnc/kali:1.log root@kali:~# Kill vncserver root@kali:~# vncserver -kill :1 Killing Xtightvnc process ID 16102 root@kali:~#