SSH

Create key

ssh-keygen -t ecdsa -b 521

# specif an file
ssh-keygen -t ecdsa -b 521 -f ~/.ssh/key-ecdsa

Copy public key

ssh-add ~/.ssh/id_ed25519
ssh-copy-id -i ~/.ssh/y-ecdsa.pub example_user@192.0.2.4

Add existing Key

ssh-add ~/.ssh/key-ecdsa

Alias

Host srv01
    HostName srv01.lan
    User john
    RemoteCommand cd ~/; exec bash --login
    RequestTTY yes

Port Binding

Bind local port 8001 to target-server port 80 using jump-machine.local.
(local machine without direct access to target-server)

ssh -f -N -L localhost:8001:target-server:80 usr@jump-machine.local

kubernetes - ssh client

kind: Pod
metadata:
  name: ssh-client
  labels:
    app: ssh-client
spec:
  containers:
    - name: ssh-client
      image: git.limbosolutions.com/kb/ssh-client:latest
      tty: true
      command: ["bash", "-c"]
      args:
        - |
        set -e
        eval `ssh-agent` 
        ssh-keyscan -p ${SRV_PORT} -H ${SRV_HOST} > ~/.ssh/known_hosts
        ssh ${SRV_HOST}@${SRV_USER} -p ${SRV_PORT} "ls -lah" && \
        echo "INFO:Remote command executed!"
      env:
        - name: SRV_HOST
          valueFrom:
            secretKeyRef:
              name: backup-secrets
              key: SRV_HOST

        - name: SRV_PORT
          valueFrom:
            secretKeyRef:
              name: backup-secrets
              key: SRV_PORT

        - name: SRV_USER
          valueFrom:
            secretKeyRef:
              name: backup-secrets
              key: SRV_USER

      volumeMounts:
        - name: backup-secrets
          subPath: SSH_PRIVATE_KEY
          mountPath: /root/.ssh/id_ed25519

  volumes:
    - name: backup-secrets
      secret:
        secretName: backup-secrets
        defaultMode: 0600
        items:
          - key: SSH_PRIVATE_KEY
            path: SSH_PRIVATE_KEY