==== Secure Shellscript ohne Passworteingabe: (known fingerprint) ====

Debug: call ssh with -ddd


[[https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys-on-ubuntu-22-04]]

ACHTUNG! Diese Anleitung bezieht sich auf Protokoll 1 (DSA VERALTET; Benutze RSA!). Nicht mehr empfehlenswert.

(Fehlermeldung: send_pubkey_test: no mutual signature algorithm )

Lieber Protokol 2 verwenden. Da heissen die Schlüssel nicht mehr identity(.pub), sondern ~/.ssh/id_rsa(.pub) und ~/.ssh/id_dsa(.pub). Sonst kann man das alles hier verwenden.

in einer Zeile: 
<code>ssh-keygen -b 2048 -t rsa</code>

Ubuntu 22: Der Algo hat sich geändert, ich komme nicht mehr mit preauth (key) in meine remote server. Verlangt immer Passwort. Lösung: shd_config (am Client!): 2 Zeilen hinzu:
<code>
HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsa
PubkeyAuthentication yes
</code>


((http://www.schlittermann.de/doc/ssh.html))

[[http://www.linuxforum.com/linux_tutorials/18/1.php]]

There are two machines A and B. The idea is to login (via ssh) from A to B without typing the
password that machine B would normally ask for. A is called the client and B is called the server.

=== Short ===
 

 A single command on the client A does this (replace SERVERB by the correct machine name or IP
 address of server B ):
 
 <code>
ssh-keygen -t dsa(VERALTET) -f ~/.ssh/identity(weglassen, heisst jetzt id_rsa(.pub)!) && cat ~/.ssh/identity.pub | ssh SERVERB 'sh -c "cat - >>~/.ssh/authorized_keys2 && chmod 600 ~/.ssh/authorized_keys2"'
</code>
 
 Press enter twice. Then it will ask you for password when u run this command but this w
 ill be the last time it will ask. After this, you can jump to step 4 below.

=== Longer ===

Einzelne Schritte: 
 
 Generate your public and private keys on client A, by running:
 
 
<code>ssh-keygen -t dsa -f ~/.ssh/mykey</code> 

 
 Just hit enter twice for the passphrase query.
 
 Next, copy your public key on client A to Server B. Run the command:
 
<code> 
cat ~/.ssh/mykey.pub | ssh SERVERB 'sh -c "cat - >>~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"'
</code>
 
 It will ask you for your password.

 Don't worry, this is the last time you will have to type it in.
 
 This puts your public key on server B, in a special file that holds trusted public keys,
 and gives it appropriate permissions so that its readable by you only.
 
 Move your private key to a file ssh looks for by default
 and make it secret by running this on client A:
 
<code>
mv ~/.ssh/mykey ~/.ssh/identity && chmod 600 ~/.ssh/identity 
</code>
 
 Since this file is like your password, it must be readable by you only.
 
 You are all set. Now run:

<code>ssh SERVERB</code> 

 
 And server B should let you login without password.