====== Information ======

  * OpenSSH client notes
  * See [[servers:secure_shell|OpenSSH Server]] notes for servers

====== Generate SSH Keys ======

===== Information =====

  * Can generate both a standard keypair and one for a hardware key
  * Hardware key will be used first if it's plugged-in

===== Standard =====

  * [[https://wiki.archlinux.org/index.php/SSH_keys#Ed25519|ArchWiki]]

  ssh-keygen -t 'ed25519'

===== FIDO/U2F Key =====

  * [[https://wiki.archlinux.org/index.php/YubiKey#OpenSSH|ArchWiki]]
  * Works with [[https://solokeys.com/|Solo]]
  * :!: ''ed25519-sk'' didn't work with Solo 4.0.0

  ssh-keygen -t 'ecdsa-sk'

====== Send Public Key to Server ======

  * Change ''x'' to IP

  ssh-copy-id 'espionage724'@'x'

====== Force Public Key Login ======

  * [[https://wiki.archlinux.org/title/OpenSSH#Force_public_key_authentication|ArchWiki]]

  sudo -e '/etc/ssh/sshd_config.d/pubkey-only-custom.conf'

<code>
PasswordAuthentication no
AuthenticationMethods publickey</code>

====== Manage Keys ======

===== Backup =====

****

  tar -cvzf ~/'Documents/'$(date +%Y-%m-%d)'-ssh-keys.tar.gz' -C ~ '.ssh' && ls ~/'Documents/'*'-ssh-keys.tar.gz' && sync

===== Restore =====

****

  ls ~/'Documents/'*'-ssh-keys.tar.gz' && rm -Rf ~/'.ssh' && tar -xvzf ~/'Documents/'*'-ssh-keys.tar.gz' -C ~ '.ssh' && sync