Notes - SSH | Roger Fan

SSH

Created: 2025-11-30

Updated: 2025-11-30

SSH usage guide covering key generation, config setup, and security best practices for secure remote access

Basic Usage

key generation
- ssh-keygen -t ed25519 -C "...comment..."
- it'll generate a private key ~/.ssh/id_ed25519 and a public key ~/.ssh/id_ed25519.pub
copy public key to remote server
- Method 1: Manual Copy
  - SSH into the remote server
  - Copy the public key, and paste it into ~/.ssh/authorized_keys
- Method 2: Using ssh-copy-id to automatically copy the public key to the remote server
  - ssh-copy-id user@server_ip

SSH Config

Bash

# ~/.ssh/config
Host server_alias
  HostName server_ip_xxx
  Port 22
  User user_xxx
  IdentityFile ~/.ssh/id_ed25519
  ForwardAgent yes

# having this, macos will automatically use the keychain to store the passphrase
Host *
  AddKeysToAgent yes
  UseKeychain yes

Make server safer

Disable password authentication
- Edit /etc/ssh/sshd_config on the remote server
  - PasswordAuthentication no
- Restart SSH service: sudo systemctl restart ssh