Transcript from the "SSH Key Practice" Lesson
[00:00:00]
>> Jem Young: So let's create an SSH key. What we wanna do is we wanna cd into our .ssh directory. If you're on a Mac machine, that's gonna be the default place for all of your SSH keys live. I want you to list out those files using ls command just to see what's in there.
[00:00:18] And then we're gonna run ssh-keygen
>> Jem Young: So I'll do that now. That's row one.
>> Jem Young: So cd my home directory .ssh. Now I'm in here. List of my keys, they don't mean anything. And then we're gonna run ssh-keygen. So let me just clear that, ssh-keygen. Pro tip and what you will use all the time, if you tab it will try to autocomplete for you, which is really, really, really useful and I wanna run keygen.
[00:00:53] So I can say that, and I tab.
>> Jem Young: It's gonna ask me what I want to save the file name as. If you have an SSH key called ID_rsan, which is the default name, use a different name otherwise it will conflict. I'm gonna use full stack front end.
[00:01:12] I'm gonna use two, you don't have to use two. I already have an original full stack front end key, which I don't remember which server goes to. So I don't wanna delete it cuz if I lose my ssh-key, I'm locked out of my own server. So I'll create a new one.
[00:01:23] You can use a passphrase if you want. I won't for this case, but you generally should if you're using ssh-key regularly, and it's gonna leave it blank. And it generated this random key art image. All right, everybody have an SSH key?
>> Speaker 2: No, I'm getting on no such file or directory when I try to cd the into the-
[00:01:47]
>> Jem Young: Okay, not a problem. So what we can do is we can go to cd, actually I'll just do, we can run make directory. So mkdir -/.ssh, actually, I'm gonna run -p, p just means it will make it if it doesn't already exist. And you should have an SSH directory now.
[00:02:14] So now if we clear, so I'll do ls to list files. I'm gonna pipe the output using the pipe operator, which is just this bar. And I'm going to grep, so I'm gonna run a regular expression to try to find my key, full stack front end 2. And you should have two files if you do a search.
[00:02:38] And of course, depending on what you named your file, you grep for something different. But here we have the private key. So it doesn't end in .pub, and then we have the public key. So I can show you that public key, full stack front end 2. Not that I'm worried about you breaking into my server but you generally shouldn't show people your private key.
[00:03:01]
>> Jem Young: And It looks like this long string of gibberish and that's just the key. So I can share this public key out with anybody, I can email it to you. I'm gonna end up putting it on my server. But I can share it everywhere. And using this public key, I can encrypt all the data I wanna send you.
[00:03:18] And I am the only one now using this private key that can decrypt that data. It's a really amazing concept. Everybody have like some sort of output looks like that, we all have keys, I'm assuming. Any questions on the commands I used? Cool, yeah, private key, public key.
[00:03:38] This is something that I like honestly I don't know why but it took me a long time to wrap my head around it. Probably cuz it's not .private. I don't know why they didn't make it .private and .pub, I'm like, which one is the right one? It's always gonna be a public key.
[00:03:49] Never gonna be a private key. And so now, we're gonna log in.
>> Jem Young: Actually before we do that, the whole point of this was adding an SSH key to this Digital Ocean. So remember, we need that public key? So what we wanna do is you can use, depending on the operating system you're on, you can say pd copy.
[00:04:11] But I'm just gonna use my mouse here. Don't judge me.
>> Jem Young: And I'm gonna paste that in.
>> Jem Young: And I'll just call it full stack front end p2 key. And if anytime you get hung up again, that's why I love Digital Ocean. They have a really good community.
[00:04:31] They have entire instructions here about how to save and copy your public and private key and things like that. And they go into more detail and all these other things. And we can just go ahead and add that, cool. And make sure this one is checked. If you have additional keys that you wanna use, as in they're already on your computer, you don't wanna generate a new one, you can just click those as well.
[00:04:54] But I'm just gonna use one for now.
>> Jem Young: And when we scroll down to how many droplets we need, so droplets are just like a fraction of a server. I can create two, three, four, whatever I want, but I'm not gonna do that. I'm just gonna create one today, cuz we don't wanna run up your bill.
[00:05:12] And the host name, honestly, it doesn't matter. [LAUGH] There's an XKCD joke about naming servers, that it's really hard because servers will live a very long time and they're impossible to rename. Well, not impossible but it's very difficult to rename. So if you try to get clever and like full stack front end, never gonna die server, I don't know.
[00:05:33] I don't know where I'm going with my naming thing, but naming things in computer science is hard. Just pick a random name, it doesn't really matter. We have been, I can say at Netflix we've been burned on our server names because we'll call it, I don't know, we'll call it like EC web server one.
[00:05:48] And if we move to a different host, we're no longer on EC2 instances from AWS, so the name doesn't make sense anymore. So five years later, people are like what does this mean? And then nobody knows anymore cuz the naming is lost. Naming is hard. Totally, totally a tangent there.
[00:06:03] But that's okay. And we can create a droplet. We don't need backups because, well, we're not doing anything that critical. But, in general, you wanna back up your data all the time. Stuff goes wrong, data centers have fires, hackers get in. You almost always wanna back up your data.
[00:06:17] But in this case, we'll be okay. I'm just gonna create that droplet.
>> Jem Young: And it's building.
>> Speaker 3: Did you enable backups?
>> Jem Young: No, not unless you really want to but it'll just cost you more money for no particular reason. And now it's building.
>> Jem Young: Cool, we should be up and running now.
[00:06:45]
>> Jem Young: So I've been assigned IP address to my server so that I can connect to it. So I'm gonna hit copy. It's a nice little command there or you can just highlight but it actually doesn't work that well. So copy that.