Skip to main content
SSH
August 9, 2017
SSH

Remove domain from ssh known hosts if you already have 

1

$ nano ~/.ssh/known_hosts

Checking for existing SSH keys

Enter ls -al ~/.ssh to see if existing SSH keys are present:

1
2

ls -al ~/.ssh
# Lists the files in your .ssh directory, if they exist

Check the directory listing to see if you already have a public SSH key.

By default, the filenames of the public keys are one of the following:

  • id_dsa.pub
  • id_ecdsa.pub
  • id_ed25519.pub
  • id_rsa.pub

Generating a new SSH key pair

To create a new SSH key pair:

Generate a new ED25519 SSH key pair:

1
2
3

ssh-keygen -t ed25519 -C "email@example.com"
# to copy the public key
cat ~/.ssh/id_ed25519.pub | pbcopy .

Or, if you want to use RSA:

1
2
3
4
5

ssh-keygen -t rsa -b 4096 -C "email@example.com"
# or
ssh-keygen -b 4096 -C "email@example.com"
# to copy the public key
cat ~/.ssh/id_rsa.pub | pbcopy .

The -C flag adds a comment in the key in case you have multiple of them and want to tell which is which. It is optional.

Adding or changing a passphrase

If, in any case, you want to add or change the password of your SSH key pair, you can use the -p flag:

1

ssh-keygen -p -o -f <keyname>

or

1
2
3
4
5
6
7

ssh-keygen -p
# Start the SSH key creation process
Enter file in which the key is (/Users/you/.ssh/id_rsa): [Hit enter]
Key has comment '/Users/you/.ssh/id_rsa'
Enter new passphrase (empty for no passphrase): [Type new passphrase]
Enter same passphrase again: [One more time for luck]
Your identification has been saved with the new passphrase.

Copying SSH key

Copy your public SSH key to the clipboard by using one of the commands below depending on your Operating System:

MacOS:

1
2
3

pbcopy < ~/.ssh/id_ed25519.pub
# or
cat ~/.ssh/id_rsa.pub | pbcopy .

WSL / GNU/Linux (requires the xclip package):

1

xclip -sel clip < ~/.ssh/id_ed25519.pub

Git Bash on Windows:

1

cat ~/.ssh/id_ed25519.pub | clip

Note: If you opted to create an RSA key, the name might differ.

Test connecting via SSH 

1
2
3

$ ssh -T git@github.com
$ ssh -T git@gitlab.com
$ ssh -T git@bitbucket.org

Example: To clone repository

1
2
3

$ git clone git@github.com:your_user_name/your_project_name.git
$ git clone git@gitlab.com:your_user_name/your_project_name.git
$ git clone git@bitbucket.org:your_user_name/your_project_name.git

Example: Reconfigure existing repositories to use SSH

List the existing remote repositories and their URLs with:

1

$ git remote -v

That command should output something like:

1
2

origin  https://your_server/your_user_name/your_project_name.git (fetch)
origin  https://your_server/your_user_name/your_project_name.git (push)

Change your remote repository’s URL with:

1

$ git remote set-url origin git@your_server:your_user_name/your_project_name.git

Git will use SSH, instead of HTTPS, to synchronize that local repository with its remote equivalent.

SSH key have expired

If you can’t SSH in at all

  1. Open your server → Console & Rescue tab.
  2. Enable Rescue System (Linux).
  3. Boot into Rescue mode and connect via SSH.
  4. Mount your main disk: (your disk might be /dev/sda2 — check with lsblk)
1

mount /dev/sda1 /mnt
  1. Edit authorized_keys:
1

nano /mnt/root/.ssh/authorized_keys
  1. Replace your old key with the new one.
  2. Unmount and reboot:
1
2

umount /mnt
reboot

Now you should be able to log in normally again with your new SSH key.