Mohammedz.com

For Linux and Shell scripting.

How to create and use ssh keys.

Leave a comment


Here are the steps to create & use ssh keys. It’s very simple.

Just use “ssh-keygen” command to create the key. Before doing this, create a folder “.ssh” in your home directory with permission as 700

mkdir –mode=700 ~/.ssh

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[abdurahiman@49 ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/techhome/abdurahiman/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /techhome/abdurahiman/.ssh/id_rsa.
Your public key has been saved in /techhome/abdurahiman/.ssh/id_rsa.pub.
The key fingerprint is:
4c:d8:65:1a:eb:4b:3c:ca:96:dd:38:b3:b7:54:ab:c5 abdurahiman@49.cpiv.com
[abdurahiman@49 ~]$
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

When you use “ssh-keygen” command, you will be prompted with multiple questions. Click “enter” if you don’t know what it’s. Questions will be as follows:

1. Enter file in which to save the key
The default location is ~/.ssh/id_rsa. You can specify a different location if you want. Actually, you can specify this location at the command line using -f option.

2. Enter passphrase
It’s not meant for automated keys. So, don’t use it….just click “enter”.

3. Enter same passphrase again
Same as 2nd step.

Now, the key pair has been created. The key pair contains private key and public key. Private key is meant for the system from which you are trying to login and public key is for the remote machine. So, copy the public key to the remote machine (into ~/.ssh/authorized_keys)

Then, try logging into the remote machine. It won’t prompt you for the password.
ssh user@remote.machine.com

If the private key is not in the default path (i.e., ~/.ssh/id_rsa) you should specify the path as well:
ssh -i /path/to/private/key user@remote.machine.com

If you find any issues, check the permissions for the following:

.ssh –> 700
id_rsa –> 600
authorized_keys –> 644

Note: The above steps describe about RSA key authentication. If you want to use DSA key, use “-t dsa” along with “ssh-keygen”. All other steps are similar to dsa and rsa.

Best Regards,
Mohammed.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s