Windows Terminal SSH Public Key Authentication 

Very nice. Thank you.

Thank you! I appreciate your positive feedback. Keeps me making more.

Great! Thank you.

The directory '.ssh' is created in the user's home directory (or /root, for root user) when using SSH for the first time. At a minimum, the directory contains the file 'known_hosts", created on first attempt to connect to another machine using SSH. Note that '.ssh' is a hidden directory (it begins with a period), so it doesn't appear normally when using directory list command unless adding the 'show all files' switch, -a. If for any reason you need the directory before using SSH for the first time, simply create it. From the user (or root) directory, enter command mkdir .ssh

I hope you get it figured out. Post any questions that come up, and I'll try to help.

You're welcome, and thanks for watching. I hope it helps. I have more admin related videos coming soon.

@@wc7 It does. I just started to learn and play with ubuntu. Thank you!

Thank you. I'm glad you liked it.

Very kind of you to say. Thank you.

You're very welcome!

Very kind of you. Thanks for watching. Suggestions for other topics are always welcome.

Thank you.

The general advice is never to use root in normal situations. But I do in certain cases only because it's more convenient for me, like for accessing Webmin and PhpMyAdmin. However, I do this ONLY for a server physically in my office that the ports (which I've changed to obscure) for these services are strictly on my local network and are blocked from Internet access. For a public facing server, do not use the root user for any services open to the Internet. Certainly do not use root for SSH on a public server. Make another user in the sudo group so it can do what you need. And make sure there is a strong firewall between the server and Internet. I use pfSense (free), using pfBlocker, and running on old HP dc5800 hardware (under $100) with additional network card. Does Gig speed just great (other solutions like small fanless "firewall" appliances do not). Also use non-standard port numbers when possible. Not always possible, for example a mail server can't use other than port 25 or you'll never get mail. But many services can be changed to obscure port numbers, say 12476 (just an example). I do similar with my IMAP port and block the normal port number in the firewall. This cuts down on a vast amount of intruders knocking at the door. I'm not familiar with ports for Minecraft servers, but if the users who will access are a private group that you can tell them a different port number, and set that at your server, that blocks out everyone else, unless the intruders are lucky enough to guess the port number you've chosen. Odds are slim of that. Those are just a few steps to help security. Avoiding root is always a good choice.

@@wc7 thank you again! Please keep posting vids 🤓

You're welcome. And thanks for the positive feedback. I appreciate it.

You're welcome. I'm glad it helps.

The "i" option. Have you searched the web? Try "ssh specify private key to use". Here is one example result. There are many. superuser.com/questions/772660/howto-force-ssh-to-use-a-specific-private-key

I have no idea what a "yubikey" is. So I don't know the answer.

You're welcome!

I don't know for sure, because I don't use Git Bash, but it looks similar. However, because it creates a key file of a different name, I suspect each method produces a different result, and each method should co-exist without messing up the other. It's possible you could use the Git Bash key file in place of "id_rsa.pub," as I explain in the video. Both are in the .ssh folder. But I haven't tested this, so please be careful if trying it.

Look up "chown command" for specifics of change ownership command. In my case "william:william" is the user name and group name on the Linux system. When logged in to the Linux system, it is typical that you land in your home directory. List with switches -al as directed in the video, and the user name and group name is included in the list. Just as you see in the video, when I'm entering the chown and chmod commands, the list above has a column for user, and after it a column for group. In my case, both william, my user name, and my group name. List your home directory, and you'll see your values for user name and group name.

@@wc7 Thank you so much for help!

Thanks

The host you're trying to connect to either doesn't have SSH server running, or a firewall is blocking port 22.

It's been a while since I used PUTTY. I assume it works similar. Files "id_rsa" and "id_rsa_pub" are created when a key is generated. The question is where does PUTTY store the files? If the standard default location, the folder //.ssh then follow the steps in the video except for key generation. Skip that step because keys already exist. If PUTTY stores the keys in a different folder, either copy them to .ssh or adjust the commands used to point to the folder where the public key ("id_rsa.pub") is stored.

@@wc7 Thank you for your answer. Yes, that's what I thought. But no.It does not work, it does not allow to establish the connection because the public key does not match. Any idea. Thanks again.

@@iro0t626 I don't know. You may have to generate a new key. There must be a difference in how PUTTY stores keys.

PuTTY stores keys generated by its own PuTTYgen program tn the drectory specified by the user in the save (or generate or export) dialog. PuTTY saves its keys as *.ppk files. It gives the option of loading and then exporting (Conversions tab) an existing .ppk key as an openSSH compatible private key, as well as presenting the corresponding public key in a window that can be copied and pasted into an openSSH authorized_keys file on a desired host. It's a little bit of work, but you can navigate from PuTTY into openSSH without being forced to create yet another key pair (to maintain). I don't know why there is a difference between the formats and when those differences might be merged and made transparent to us users.

@@rldel99 Thank you for the explanation. It's been a while for me since using PuTTY, and back that long ago when I did, it was without any key files. So I didn't really know the answer, but suspected something like you've described. Good to know now. Thank you.

From afar I can't really help. Perhaps try it again, all steps. I don't know what else to do.

Thanks

The video is about Windows Terminal connecting to SSH servers.

@Brian Campbell The steps in the video relate to SSH (Secure Shell). The technology involved is shared with others that use cryptographic keys. The primary tool is "openssl" command to generate keys. But what to do with the keys is a completely different subject. Understand that "openssl" is the thing to know about (SSL=Secure Sockets Layer, the encryption used in HTTPS; "open" simply means it's not proprietary). Do a Google search for "openssl key generation for cyptocurrency". This will point you in the right direction.

I am well. Keeping busy that's for sure. Thanks.

Dear Campbell is there any greping in InDesign remove any specific xml tag with any attribute e.g. different types of values as tag attributes

@@wc7 Nice😊

@@rcdabral7494 The subject isn't relevant to SSH and Windows Terminal. Better to ask in comments for a video about InDesign and GREP: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-D_79JuIeu9k.html Regardless, the answer is I don't have a script that does find/replace on XML inside InDesign docs. It can be done, I just haven't yet. Haven't had a need. Would it help to update InDesign text after XML is imported? My GREP script could do that. Again, continue this conversation where the topic is relevant: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-D_79JuIeu9k.html

@@wc7 sorry my apology

I don't understand what you mean. Could you elaborate?

Please upload ssh passwordless from linux to Windows.. From linux how can we ssh windows server, without password?

@@psd4582 OK, I understand. I will add to my list of videos to make. I've looked into it. Not much different except for one command. Do the same process just reverse Windows and Linux hosts, but at Windows instead of "cat id_rsa.pub >> authorized_keys" use "type id_rsa.pub > authorized_keys". Not sure yet where the Windows configuration for SSH is located but I'll study more and get it figured out for the video. Might be a while, I have a few videos ahead of it still.

Thanks william, in my organization, there is one passwordless requirement.. We have configured all the things but still passwordless authentication is not working.. It would be helpful if you upload video on it.. Thanks

Had a typo in my last reply. Should be "type id_rsa.pub >> authorized_keys". Two right angle brackets, not one. One will replace file. Two to append. However, there is more to it besides, now that I've tried it in action today. I have it just about figured out and will make a video as soon as possible.