SSH Key Setup

Setting up SSH public/private keys

SSH (Secure Shell) can be set up with public/private key pairs so that you don’t have to type the password each time. Because SSH is the transport for other services such as SCP (secure copy), SFTP (secure file transfer), and other services (CVS, etc), this can be very convenient and save you a lot of typing.

SSH Version 2

On the local machine, type the BOLD part. The non-bold part is what you might see as output or prompt.

  • Step 1:


    %
    ssh-keygen -t dsa



    Generating public/private dsa key pair.

    Enter file in which to save the key (~/.ssh/id_dsa):

    (just type return)

    Enter passphrase (empty for no passphrase):

    (just type return)

    Enter same passphrase again:

    (just type return)

    Your identification has been saved in ~/.ssh/id_dsa

    Your public key has been saved in ~/.ssh/id_dsa.pub

    The key fingerprint is:

    Some really long string

    %

  • Step 2:

    Then, paste the content of the local
    ~/.ssh/id_dsa.pub
    file into the file
    ~/.ssh/authorized_keys
    on the remote host.

  • RSA instead of DSA
    • If you want something strong, you could try


      %
      ssh-keygen
      -t
      rsa
      -b 4096

    • Instead of the names
      id_dsa
      and
      id_dsa.pub,
      it will be

      id_rsa

      and

      id_rsa.pub
      ,
      etc.
    • The rest of the steps are identical.

That’s it!

FAQ:

  • Q: I follow the exact steps, but ssh still ask me for my password!
  • A: Check your remote .ssh directory. It should have only your own read/write/access permission (octal 700)


    %
    chmod
    700 ~/.ssh

SSH Version 1

  • Step 1:


    %
    cd ~/.ssh

    %
    ssh-keygen -t rsa1

    Generating public/private rsa1 key pair.

    Enter file in which to save the key (~/.ssh/identity):

    (just type return)

    Enter passphrase (empty for no passphrase):

    (just type return)

    Enter same passphrase again:

    (just type return)

    Your identification has been saved in ~/.ssh/identity

    Your public key has been saved in ~/.ssh/identity.pub

    The key fingerprint is:

    Some really long string

    %

  • Step 2:

    Then, paste content of the local
    ~/.ssh/identity.pub
    file into the file
    ~/.ssh/authorized_keys
    on the remote host.