1. IMPORTANT - 11/13/2015: In light of a possible breach we have scrubbed all passwords. You will need to request a password reset through the site. Click here for more information.

Set up SSH Keys

Discussion in 'Linux Security' started by Rob, Jul 10, 2013.

  1. Rob

    Rob Administrator Staff Member

    Oct 27, 2011
    Likes Received:
    There are two machines A and B. The idea is to login (via ssh) from A to B without typing the password that machine B would normally ask for. A is called the client and B is called the server.

    A single command on the client A does this (replace SERVERB by the correct machine name or IP address of server B ):

    ssh-keygen -t dsa -f ~/.ssh/identity && cat  ~/.ssh/identity.pub | ssh SERVERB 'sh -c "cat -  >>~/.ssh/authorized_keys2 && chmod 600  ~/.ssh/authorized_keys2"'
    Press enter twice. Then it will ask you for password when u run this command but this will be the last time it will ask. After this, you can jump to step 4 below.

    Generate your public and private keys on client A, by running:

    ssh-keygen -t dsa -f ~/.ssh/mykey
    Just hit enter twice for the passphrase query.

    Next, copy your public key on client A to Server B. Run the command:

    cat ~/.ssh/mykey.pub | ssh SERVERB 'sh -c "cat -  >>~/.ssh/authorized_keys && chmod 600  ~/.ssh/authorized_keys"'
    It will ask you for your password. Don't worry, this is the last time you will have to type it in.

    This puts your public key on server B, in a special file that holds trusted public keys, and gives it appropriate permissions so that its readable by you only.

    Move your private key to a file ssh looks for by default and make it secret by running this on client A:

    mv ~/.ssh/mykey ~/.ssh/identity && chmod 600 ~/.ssh/identity
    Since this file is like your password, it must be readable by you only.

    You are all set. Now run:

    ssh SERVERB
    And server B should let you login without password.

Share This Page