Wednesday, December 29, 2010

SSH -- Configure key-based authentication

One of my favorite things to do when managing Linux systems is to configure key-based authentication. This allows me to connect to multiple systems via scripts without have to re-authenticate every time. A decent walkthrough is available at http://linuxproblem.org/art_9.html
Scenario: You are user A on host A, and you want to log onto host B as user B
  1. As user A on host A, execute
    1. ssh-keygen -t rsa
  2. Echo out the contents of ~/.ssh/id_rsa.pub (save to clipboard or copy via ssh to host B)
  3. As user B on host b, make the .ssh directory if it doesnt already exist
    1. mkdir ~/.ssh
  4. Edit the file ~/.ssh/authorized_keys and enter the contents from id_rsa.pub
Your now done. Assuming all went well, user A on host A should be able to run ssh b@b and be automatically logged in

3 comments:

abe-sa said...

Hi,

I think you forgot to set the permissions on both the directory .ssh and the file authorized_keys:

.ssh must be 700
.ssh/authorized_keys must be 644

Otherwise you may be unable to log in using the exchanged key.

You should also use the dsa format for the key, it's more secure.

Best Regards,
Alberto M.

Anonymous said...

Hi,
I wanna ask how do you echo out the contents.
tahnks

Anonymous said...

you can just use ssh-copy-id to install your public key to a remote machine