Random notes about ssh config and related topics.
Making hostnames easier
OpenSSH reads your ~/.ssh/config before it resolves which IP address to use for the connection. This allows you to do things like:
Host bastion.company
Hostname 10.10.10.5
IdentityFile ~/.ssh/company.pem
ForwardAgent yes
User ec2-user
or, if you wish to connect through the bastion to a host behind it:
Host _final_destination_
User _at_bastion_
ProxyCommand ssh _bastion_host_ netcat %h %p
So even if the hostname is not in DNS, or it has some strange name like ec2-10-10-10-5.eu-west-1.compute.amazonaws.com, you can use alternative hostnames with ssh (even if you don't have rights to change the /etc/hosts file on your computer).
Extracting public key from pem file
If you have to give some user ssh access to your servers and they send you a PRIVATE KEY PEM file instead of the string that you can add to their ~/.ssh/authorized_keys file, you can get it with ssh-keygen -y -f file.pem.
If you have to give some user ssh access to your servers and they send you a PUBLIC KEY PEM file instead of the string that you can add to their ~/.ssh/authorized_keys file, you can get it with ssh-keygen -i -f file.pem.
Importing keypair into AWS
$ aws ec2 import-key-pair --key-name juha.ylitalo@gmail.com \
> --public-key-material file://.ssh/id_rsa.pub
{
"KeyName": "juha.ylitalo@gmail.com",
"KeyFingerprint": "..."
}
The example works with an RSA key, but if you try the same thing with DSA keys, you will get an error message claiming that “Key is not in valid OpenSSH public key format”.
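Before pasting a string from ssh-keygen into authorized_keys or handing it to import-key-pair, it helps to confirm what the string really contains. The following is an added example, not part of the original notes: it parses a bare `<type> <base64> [comment]` line (no authorized_keys options) and reports the key type, size and fingerprint. The function names are hypothetical and the sample keys are constructed wire data, not usable keys.

```python
import base64
import hashlib
import struct


def _read_string(blob, offset):
    """Read one length-prefixed field (4-byte big-endian length + data)."""
    if offset + 4 > len(blob):
        raise ValueError("truncated length field")
    (length,) = struct.unpack(">I", blob[offset:offset + 4])
    end = offset + 4 + length
    if end > len(blob):
        raise ValueError("field runs past the end of the key blob")
    return blob[offset + 4:end], end


def inspect_public_key(line):
    """Parse one OpenSSH public key line; return type, bits and fingerprint."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    declared, b64 = fields[0], fields[1]
    blob = base64.b64decode(b64, validate=True)
    inner, pos = _read_string(blob, 0)
    if inner.decode("ascii", "replace") != declared:
        raise ValueError("type prefix does not match the encoded key")
    bits = None
    if declared == "ssh-rsa":      # blob fields: type, exponent, modulus
        _exponent, pos = _read_string(blob, pos)
        modulus, pos = _read_string(blob, pos)
        bits = int.from_bytes(modulus, "big").bit_length()
    elif declared == "ssh-dss":    # blob fields: type, p, q, g, y
        prime, pos = _read_string(blob, pos)
        bits = int.from_bytes(prime, "big").bit_length()
    # Same form as the SHA256 fingerprint printed by `ssh-keygen -l`.
    digest = hashlib.sha256(blob).digest()
    fingerprint = "SHA256:" + base64.b64encode(digest).decode().rstrip("=")
    return {"type": declared, "bits": bits, "fingerprint": fingerprint}


def make_sample_line(key_type, *numbers):
    """Build a constructed, well-formed (but unusable) key line for testing."""
    parts = [key_type.encode()]
    # Extra leading byte keeps each big number positive in the wire encoding.
    parts += [n.to_bytes(n.bit_length() // 8 + 1, "big") for n in numbers]
    blob = b"".join(struct.pack(">I", len(p)) + p for p in parts)
    return f"{key_type} {base64.b64encode(blob).decode()} constructed@example"


if __name__ == "__main__":
    print(inspect_public_key(make_sample_line("ssh-rsa", 65537, (1 << 2047) | 1)))
```

A result of `ssh-dss` identifies the DSA case that the import above rejects, and a type mismatch or truncated blob raises `ValueError` before the key reaches a server.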