-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, Sep 22, 2016 at 07:09:53AM -0400, Gene Heskett wrote: > On Thursday 22 September 2016 03:44:28 Lars Noodén wrote: > > > On 09/21/2016 11:39 PM, Gene Heskett wrote: > > > On Wednesday 21 September 2016 10:23:09 Greg Wooledge wrote: > > > > ... > > > > >> man ssh-keygen > > >> http://mywiki.wooledge.org/SshKeys > > > > > > I knew there was something about generating keys, but not the sticky > > > details. > > > > If you have multiple servers or multiple remote accounts, you will end > > up with at least one key pair per account+server. So you will also > > need a way to keep track of them. One way it to make use of the -C > > and -f options to add a comment inside the key and to name the key > > files to something mnemonic. > > > Now that would be very handy. > > As far as the key choices go, DSA is considered deprecated, at least > > in the more recent versions: > > > > "Support for ssh-dss, ssh-dss-cert-* host and user keys > > will be run-time disabled by default" > > - http://www.openssh.com/txt/release-6.9 > > > > So that leaves RSA if you have old versions of the OpenSSH server to > > deal with. Probably 2048 bits or more is good for a while. > > Otherwise, consider Ed25519. > > > This I am not familiar with. Is there an explanatory url?
In general: https://debian-administration.org/article/530/SSH_with_authentication_key_instead_of_password On key choice: http://security.stackexchange.com/questions/23383/ssh-key-type-rsa-dsa-ecdsa-are-there-easy-answers-for-which-to-choose-when regards - -- t -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlfjyHAACgkQBcgs9XrR2kY4zACeJoUy04HpVBz14F/jcTeamX75 32oAnjIETAvpmWzE/OSkQ7BOcjpdasY4 =dFdK -----END PGP SIGNATURE-----