Here is a copy of what I used off an O'Reilly guide - I've ammended it with my changes.
To use public keys with an ssh server, you'll first need to generate a public/private key pair:
$ ssh-keygen -t rsa
After you enter the above command, you should see something like:
Generating public/private rsa key pair.
Enter file in which to save the key (/home/rob/.ssh/id_rsa):
Just hit Enter there. It will then ask you for a pass phrase; just hit enter twice. Here's what the results should look like:
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/rob/.ssh/id_rsa.
Your public key has been saved in /home/rob/.ssh/id_rsa.pub.
The key fingerprint is:
a6:5c:c3:eb:18:94:0b:06:a1:a6:29:58:fa:80:0a:bc rob@localhost
You can enter a password at the next part if you like, but then you'll have to enter that password every time you try to use the key, which almost defeats the purpose. A compromise is to enter a password, and then use:
$ ssh-agent sh -c 'ssh-add < /dev/null && bash
Back to the original use case - this created two files, ~/.ssh/id_rsa and
~/.ssh/id_rsa.pub. To use this keypair on a server, try this:
$ ssh server "mkdir .ssh; chmod 0700 .ssh"
$ scp .ssh/id_rsa.pub server:.ssh/authorized_keys2
.ssh/authorized_keys2 is a file, not a directory. the .ssh directory has permissions 700, as above. The subdirectory has permissions 644, I think.
This task took about 5-10 minutes, and another 5-10 to create this writeup.
No comments:
Post a Comment