pf » Setting up public key authentication over SSH

January 18, 2006

Setting up public key authentication over SSH

Every time I want to setup public key authentication over SSH, I have to look it up, and I've never found a simple guide, so here's mine.

Generate key on local machine

ssh-keygen -t rsa

It will ask you for a password but you can leave it blank.

Note you could also pick -t dsa if you prefer.

Ensure that the remote server has a .ssh directory

Make sure the server your connecting to has a .ssh directory in your home directory. If it doesn't exist you can run the ssh-keygen command above, and it will create one with the correct permissions.

Copy your local public key to the remote server

If your remote server doesn't have a file called ~/.ssh/authorized_keys2 then we can create it. If that file already exists, you need to append to it instead of overwriting it, which the command below would do:

scp ~/.ssh/id_rsa.pub remote.server.com:.ssh/authorized_keys2

Now ssh to the remote server

Now you can ssh to the remote server without entering your password.

Security

Now keep in mind that all someone needs to login to the remote server, is the file on your local machine ~/.ssh/id_rsa, so make sure it is secure.

Permalink | Add Comment |

add to del.icio.us | Tags: ssh, authentication, rsa, unix

Related Entries

Howto Backup your Mac incrementally over SSH - March 10, 2006
Top 20 Internet Security Vulnerabilities of 2005 - November 23, 2005

12 people found this page useful, what do you think?

Trackbacks

Trackback Address: 532/EABFAC8EEFCABC97AF32A72ADCFEA39A

Comments

On 06/19/2006 at 9:27:42 AM MDT Nav wrote:

I followed the instructions but when i try to access the server ssh remote-server it is still asking for a passowrd. Does the username on the localmachine and the remote need to match.

Thanks a million Nav

On 09/15/2006 at 10:47:37 AM MDT dan wrote:

I too followed the instructions and have to still enter a password =(

any help would be appreciated.

thanks, Dan

On 10/02/2006 at 6:21:12 AM MDT Alex wrote:

You need authorization and identification files created there as well... identification contains line like IdKey _private_key_file_name_here_

authorization contains line like Key _private_key_file_name_here_

HTH, Alex

On 10/09/2006 at 2:53:41 PM MDT Steven Ross wrote:

Instead of doing the scp try this (worked for me):

cat ~/.ssh/id_dsa.pub | ssh someguy@somesite.com "cat - >> ~/.ssh/authorized_keys"

On 10/09/2006 at 8:42:24 PM MDT Nav wrote:

As the tutorial says run ssh-keygen command if .ssh doesnt exist in your home directory on the server. It didnt work when i created .ssh myself.

On 12/16/2006 at 1:04:01 PM MST Jonathan Haddad wrote:

Thanks for the simple, straightforward tutorial. I hate looking through pages of text just to find out how to do something simple.

On 05/03/2007 at 3:53:20 AM MDT Adrian wrote:

it's work.. example is very simple to understand

On 09/17/2007 at 8:38:49 PM MDT Mick wrote:

Hi, Thanks for a quick simple guide. I understood what I needed to do, just couldn't find a quick simple guide on doing it until I saw this. Great work.

On 09/25/2007 at 2:25:12 PM MDT Ernesto Espinosa wrote:

I do not know if this command is available for Apple systems but most linux distros have a very quick way to do the "Copy your local public key to the remote server" step. ssh-copy-id -i id_rsa.pub user@host

On 01/28/2008 at 3:09:41 PM MST Greatful wrote:

Worked like a charm on Leopard, thanks!

On 03/01/2008 at 3:17:46 AM MST anon wrote:

if it doesn't work, perhaps you need to reconfigure the /etc/ssh/ssh_config file for Public Key authentication

On 04/02/2008 at 12:50:28 AM MST Chris wrote:

For those who find it still asks for a password, one thing this tutorial forgets is that on the server you need to ensure the permissions of ~/.ssh and ~/.ssh/authorized_keys are secure:

server$ chmod 700 ~/.ssh server$ chmod 600 ~/.ssh/authorized_keys

That should sort out most problems. More info here: http://sial.org/howto/openssh/publickey-auth/

On 04/02/2008 at 12:51:15 AM MST Chris wrote:

Whoops, there should have been a line-break there:

server$ chmod 700 ~/.ssh server$ chmod 600 ~/.ssh/authorized_keys

On 04/05/2008 at 7:23:07 AM MST Lottor wrote:

How would i go about doing this in a php script.

So all i have to do is like input machine details and have it send the ssh key over to the remote machine automatically. i can code it in just having a problem, when i run scp filename user@ip:.ssh . How do i send the password via the php script when it asks. I tried doing a system command with the password but it doesn't work. Nor does it produce any kinda output.

I am using the System() Php Function.

On 05/07/2008 at 11:08:05 PM MDT Appreciative wrote:

Came here after following other directions that didn't work.