Monthly Archives: April 2014

How to set up ssh keys

SSH keys are a pair of the private and the public keys. The private key is identity of a client and it must not be shared by anyone. The public key can be shared freely with any SSH server to which client would like to connect.

Here are the steps you need to follow to setup ssh key based authentication

1- Generate SSH key (client)

Running the commands below will create two files called id_rsa and id_rsa.pub in your .ssh dir. id_rsa is your private key and id_rsa.pub is your public key.

ssh-keygen -t rsa

or more specifically

ishtiaqmedsmbp2:.ssh Ishtiaq$ ssh-keygen -t rsa -b 1024 -C "$(whoami)@$(hostname)-$(date)"
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/Ishtiaq/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/Ishtiaq/.ssh/id_rsa.
Your public key has been saved in /Users/Ishtiaq/.ssh/id_rsa.pub.
The key fingerprint is:
a4:1b:aa:dd:44:2c:b3:78:88:03:3e:19:f4:86:53:11 Ishtiaq@ishtiaq-ahmeds-macbook-pro-2.local-Sun 20 Apr 2014 12:01:46 EST
The key's randomart image is:
+--[ RSA 1024]----+
|   E.            |
|    .            |
| . .    .        |
|. +  . o         |
|.+ oo = S        |
|o.=o * o         |
|o+o + o          |
| ..+ o           |
|  . . .          |
+-----------------+

2- Copy public key to SSH server (client)

ishtiaqmedsmbp2:.ssh Ishtiaq$ scp ~/.ssh/id_rsa.pub root@remotehost.com:~
Identity added: /Users/Ishtiaq/.ssh/id_rsa (/Users/Ishtiaq/.ssh/id_rsa)
root@remotehost.com's password:
id_rsa.pub                                                                                                                       100%  285     0.3KB/s   00:00

3- Add client’s public key to server’s authorized keys (server)

After running commands below, your ssh server would be ready to accept ssh connections from client without prompting for pssword

cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
rm -f ~/id_rsa.pub

 4- Test (client)

ssh root@remotehost.com

This time it didn’t ask you to enter password.

Cheers!

 

Array ( [marginTop] => 100 [pageid] => @techish1 [alignment] => left [width] => 292 [height] => 300 [color_scheme] => light [header] => header [footer] => footer [border] => true [scrollbar] => scrollbar [linkcolor] => #2EA2CC )