SSH login with ED25519 keys

To generate new key pairs

ssh-keygen -t ed25519 -f /root/.ssh/id_ed25519 -C "root@linuxwin" -N ""

Empty files if needed

echo "" > /root/.ssh/authorized_keys
echo "" > /root/.ssh/known_hosts

Add public key to Authorized_keys

cat /root/.ssh/id_ed25519.pub >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys

Set permissions

chmod 700 /root/.ssh
chmod 600 /root/.ssh/authorized_keys
chmod 644 /root/.ssh/known_hosts
chown -R root:root /root/.ssh

Copy private key to ssh client

cat /root/.ssh/id_ed25519

### copy everything from
-----BEGIN OPENSSH PRIVATE KEY-----
    ...... until .....
 -----END OPENSSH PRIVATE KEY-----

SSH login with RSA keys

To generate a new key pairs

ssh-keygen -t rsa

#################

Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa): linuxwin_rsa_key
Enter passphrase (empty for no passphrase):*******
Enter same passphrase again:*******
Your identification has been saved in linuxwin_rsa_key
Your public key has been saved in linuxwin_rsa_key.pub
The key fingerprint is:
SHA256:/nnU**********************hu2c user@servername
The key's randomart image is:
+---[RSA 3072]----+
|        8===o    |
|      0++++___   |
|             =.o |
|             ...+|
|        ++++++o+o|
|       .    *****|
|        . *****  |
|        *****    |
|                 |
+----[SHA256]-----+

Install public key on the server

ssh-copy-id -i linuxwin_rsa_key.pub user@server

or just copy it to ~/.ssh/authorized_keys

cp linuxwin_rsa_key.pub ~/.ssh/authorized_keys

Use Privete key with ssh client, mobaXterm, PuTTy…etc

OpenSSL – ssh to legacy systems

Unable to negotiate with 192.168.100.18 port 22: no matching host key type found. Their offer: ssh-dss

# Then you add option #

ssh -oHostKeyAlgorithms=+ssh-dss 

...and you got another error...
Unable to negotiate with 192.168.100.18 port 22:
no matching cipher found. Their offer:
aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-cbc,twofish128-cbc,blowfish-cbc

then you add more options,.. you got more errors...and so on...

This fix all SSH login negotiation errors by adding all outdated alogorithams. (there are reasons why this protocols are removed. Use it with caution and DO NOT USE IN PRODUCTION)

{
echo -n 'Ciphers '
ssh -Q cipher | tr '\n' ',' | sed -e 's/,$//'; echo

echo -n 'MACs '
ssh -Q mac | tr '\n' ',' | sed -e 's/,$//'; echo

echo -n 'HostKeyAlgorithms '
ssh -Q key | tr '\n' ',' | sed -e 's/,$//'; echo

echo -n 'KexAlgorithms '
ssh -Q kex | tr '\n' ',' | sed -e 's/,$//'; echo

} >> ~/.ssh/config