Creating And Using SSH Public Keys

From DFWLPiki


SSH public keys allow you to make a secure connection over sshd to a remote host without pausing to give a password. To do this, a key pair must be created, the public key must be placed on the remote server, and finally, the key must be imported into the ~/.ssh/authorized_keys2 file.

Create your public/private key pair:

[jhorne@local ~]$ ssh-keygen -t rsa

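This will take a moment to generate the pair, and it will ask you to enter a passphrase. Do not enter a passphrase; instead, just hit Enter to create a blank passphrase. With a blank passphrase the private key file (id_rsa) is stored unencrypted, which is what lets ssh log in without prompting, so keep that file readable only by you. The files will be created in your ~/.ssh directory. They should look like this: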

[jhorne@local ~]$ ls .ssh/
id_rsa          id_rsa.pub

If you're using Red Hat, Fedora, or CentOS, then just do this next step and skip the rest:

ssh-copy-id remote

This command will place your key on the remote server with the proper folder and file permissions. 9 out of 10 times, ssh-key issues are permissions issues :) (the ~/.ssh folder and the authorized_keys file should be 700 and 600, respectively).

If you're using some other Unix, then read on.  :)

Next, move id_rsa.pub to your target remote server. Use scp, sftp, or whatever method you need to move the file to the remote. I usually just put it right in the homedir on the remote server. Once it's there, import it into the authorized_keys file like this:

[jhorne@remote ~]$ cat id_rsa.pub >> .ssh/authorized_keys

Once this is done, then from the local server, you can ssh to the remote server without a password.

[jhorne@local ~]$ ssh remote
Last login: Sun Jun  4 10:21:15 2006 from local.
[jhorne@remote ~]$

The id_rsa.pub file that you moved to your homedir on the other server should now be deleted.
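
The manual import and the permissions point above, combined into two shell functions to run on the remote server. This is an added example, not part of the original wiki page; the function names install_pubkey and check_ssh_perms and the optional home-directory argument are assumptions of this example.

```shell
#!/bin/sh
# install_pubkey PUBKEY_FILE [HOME_DIR]
# Appends the key to HOME_DIR/.ssh/authorized_keys (HOME_DIR defaults to $HOME;
# the argument is hypothetical, added so the function can be tried on a scratch dir).
install_pubkey() {
    pub=$1
    home=${2:-$HOME}
    auth="$home/.ssh/authorized_keys"
    # Refuse a private key (id_rsa copied by mistake) or anything that is
    # not a one-line "type base64 [comment]" public key.
    if grep -qs 'PRIVATE KEY' "$pub" ||
       ! grep -Eqs '^(ssh|ecdsa)-[^ ]+ [A-Za-z0-9+/=]+' "$pub"; then
        echo "install_pubkey: $pub is not a public key" >&2
        return 1
    fi
    # Create the folder and file with no group/other access, then pin the
    # modes named above: 700 for ~/.ssh, 600 for authorized_keys.
    ( umask 077; mkdir -p "$home/.ssh" && touch "$auth" ) || return 1
    chmod 700 "$home/.ssh" && chmod 600 "$auth" || return 1
    # Append only if this exact line is not already present, so running
    # the import twice does not duplicate the key.
    key=$(head -n 1 "$pub")
    grep -qxF "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}

# check_ssh_perms [HOME_DIR]
# Returns non-zero and names the offending path if ~/.ssh is not 700
# or authorized_keys is not 600.
check_ssh_perms() {
    home=${1:-$HOME}
    rc=0
    for spec in "drwx------:$home/.ssh" "-rw-------:$home/.ssh/authorized_keys"; do
        want=${spec%%:*}
        path=${spec#*:}
        # First ten characters of ls -ld are the type and mode bits.
        have=$(ls -ld "$path" 2>/dev/null | cut -c1-10)
        if [ "$have" != "$want" ]; then
            echo "BAD $path: mode '$have', expected '$want'" >&2
            rc=1
        fi
    done
    return $rc
}
```

On the remote host, install_pubkey ~/id_rsa.pub takes the place of the cat >> step, and check_ssh_perms is a quick first check when key login still asks for a password.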