User Tools

Site Tools


Sidebar


guides:unix_admin:setting_up_ssh_keys

Setting up SSH public/private keys

SSH (Secure Shell) can be set up with public/private key pairs which is much more secure then password authentication and it saves you typing out a password every time you need to authenticate to a service.

There are two types of ssh keys either RSA or DSA. Recommend using RSA over DSA.

RSA Key

Step 1:

 % cd ~/.ssh
 % ssh-keygen -t rsa
 Generating public/private rsa key pair.
 Enter file in which to save the key (~/.ssh/id_rsa): (just type return)
 Enter passphrase (empty for no passphrase): (enter a really strong passphrase to protect your key or just type return)
 Enter same passphrase again: (as above)
 Your identification has been saved in ~/.ssh/id_rsa.
 Your public key has been saved in ~/.ssh/id_rsa.pub.
 The key fingerprint is:
 Some really long string
 %

Step 2:

 Then, paste content of the local ~/.ssh/id_rsa.pub file into the file ~/.ssh/authorized_keys on the remote host.
 
 OR
 
 Use ssh-id-copy to transfer the client key to a remote server.
 
     ssh-copy-id <username>@<host>
     
 OR
 
 If you don't have ssh-id-copy a single line command to copy.
 
    cat id_rsa.pub | ssh user@host 'cat >> ~/.ssh/authorized_keys'

DSA Key

On the local machine, type the BOLD part. The non-bold part is what you might see as output or prompt.

Step 1:

 % ssh-keygen -t dsa
 Generating public/private dsa key pair.
 Enter file in which to save the key (~/.ssh/id_dsa): (just type return)
 Enter passphrase (empty for no passphrase): (enter a really strong passphrase to protect your key or just type return)
 Enter same passphrase again: (as above)
 Your identification has been saved in ~/.ssh/id_dsa
 Your public key has been saved in ~/.ssh/id_dsa.pub
 The key fingerprint is:
 Some really long string
 %
 

Step 2:

 Then, paste the content of the local ~/.ssh/id_dsa.pub file into the file ~/.ssh/authorized_keys on the remote host.
 
 OR
 
 Use ssh-id-copy to transfer the client key to a remote server.
 
     ssh-copy-id <username>@<host>
     
 OR
 
 If you don't have ssh-id-copy a single line command to copy.
 
    cat id_dsa.pub | ssh user@host 'cat >> ~/.ssh/authorized_keys'
guides/unix_admin/setting_up_ssh_keys.txt · Last modified: 2016/03/15 10:16 by michaelc