SSH key based authentication

ssh_config

## Password less ssh
1. Create new keyfile `ssh-keygen -t rsa -C "[email protected]"`
2. Push it to remote server `cat ~/.ssh/<name_of_your_public_key> | ssh <user@host> "mkdir ~/.ssh; cat >> ~/.ssh/authorized_keys"`
3. Add new key to keyvalut `ssh-add id_rsa` if you get error that `Could not open a connection to your authentication agent.` you need to run `ssh-agent bash` and then `ssh-add id_rsa` but this will stay until you log out. So better option is to create config
`vim ~/.ssh/config`
and fill it with following template

	Host <host 1>
		HostName <host_name_or_ip>
		User <user>
		IdentityFile <private key file>
	Host <host 2>
		HostName <host_name_or_ip>
		User <user>
		IdentityFile <private key file>
4. Login using `ssh <host 1>`

## Tunel connection

1. Create tunel (it must be done for every server)
`ssh -f -L <local_port>:<remote_host>:22 user@host -N ` remember to add option `ServerAliveInterval 60`
(e.g `ssh -f -L 2023:194.29.178.57:22 gamma -N `)
2. You can add above command to startup script (put it in `/etc/rc.local` or create coronjob `@reboot`
2. Update `.ssh/config` to look like

	Host <remote host>
		HostName localhost
		User <remote_user>
		Port <local_port>
		
		
## Second option
SSH proxies

If you have an SSH server that’s only accessible to you via an SSH session on an intermediate machine, which is a very common situation when dealing with remote networks using private RFC1918 addresses through network address translation, you can automate that in .ssh/config too. Say you can’t reach the host nathost directly, but you can reach some other SSH server on the same private subnet that is publically accessible, publichost.example.com:

Host nathost
    ProxyCommand ssh -q -W %h:%p public.example.com