Setting up SSH public/private keys
SSH (Secure Shell) can be set up with public/private key pairs so that you don’t have to type the password each time. Because SSH is the transport for other services such as SCP (secure copy), SFTP (secure file transfer), and other services (CVS, etc), this can be very convenient and save you a lot of typing.
SSH Version 2
On the local machine, type the BOLD part. The non-bold part is what you might see as output or prompt.
- Step 1:
%
ssh-keygen -t dsa
Generating public/private dsa key pair.Enter file in which to save the key (~/.ssh/id_dsa):
(just type return)
Enter passphrase (empty for no passphrase):
(just type return)
Enter same passphrase again:
(just type return)
Your identification has been saved in ~/.ssh/id_dsa
Your public key has been saved in ~/.ssh/id_dsa.pub
The key fingerprint is:
Some really long string
%
- Step 2:
Then, paste the content of the local
~/.ssh/id_dsa.pub
file into the file
~/.ssh/authorized_keys
on the remote host. - RSA instead of DSA
- If you want something strong, you could try
%
ssh-keygen
-t
rsa
-b 4096
- Instead of the names
id_dsa
and
id_dsa.pub,
it will be
id_rsa
and
id_rsa.pub
,
etc. - The rest of the steps are identical.
- If you want something strong, you could try
That’s it!
FAQ:
- Q: I follow the exact steps, but ssh still ask me for my password!
- A: Check your remote .ssh directory. It should have only your own read/write/access permission (octal 700)
%
chmod
700 ~/.ssh
SSH Version 1
- Step 1:
%
cd ~/.ssh%
ssh-keygen -t rsa1Generating public/private rsa1 key pair.
Enter file in which to save the key (~/.ssh/identity):
(just type return)
Enter passphrase (empty for no passphrase):
(just type return)
Enter same passphrase again:
(just type return)
Your identification has been saved in ~/.ssh/identity
Your public key has been saved in ~/.ssh/identity.pub
The key fingerprint is:
Some really long string
%
- Step 2:
Then, paste content of the local
~/.ssh/identity.pub
file into the file
~/.ssh/authorized_keys
on the remote host.