Public/private key authentication using SSH
ssh
1 Preparing your system
If your home directory does not have an .ssh directory - start by creating one:
|
|
Set the permissions on it so that only you can see whats in it and read from it:
|
|
2 Creating your keypair
Generating your private/public keypair requires the use of the ssh-keygen command:
|
|
SSH-Keygen then prompts you the Key Pair location and name, It provides a sensible default($HOME/.ssh/id_rsa), and unless you already have a keypair stored at that location i recommend using the default setting. SSH-Keygen also prompts for whether you want to set a password for your key, -this is highly recomended in order to strengthen security. Example key generation:
|
|
Once the keys are generated, you will have two new files in the $HOME/.ssh/ directory:
- $HOME/.ssh/id_rsa - contains your private key.
- $HOME/.ssh/id_rsa.pub - contains your public key.
The private key must be carefully protected (even if you have set a password).
3 Installing the public key
In order to use your key pair to log in to remote servers, you need to transfer the public key to your existing account on the server. you can use either SCP to do a direct copy or use ssh-copy-id:
scp
1
scp $HOME/.ssh/id_rsa.pub [email protected]:~/.ssh/authorized_keys
ssh-copy-id:
1
ssh-copy-id -i $HOME/.ssh/id_rsa.pub [email protected]
4 Logging in with your key pair
Now that the keys are uploaded, you can connect to the server in the usual way:
|
|
If you have taken care to password protect your key file, you will be asked for the password, and then you are logged in.