On your workstation you want to build your ssh key.
ssh-keygen -t rsa
This will ask you for some information like a the name of the file to save the key and a passphrase. If you enter a passphrase you will need to use that passphrase every time you log into the remote server. This is the most secure type of connection, but for this tutorial we are going to leave the passphrase blank so we can log in without a password.
OUTPUT FROM ssh-keygen command:
Generating public/private rsa key pair.
Enter file in which to save the key (/home/tomthumb/.ssh/id_rsa):
Created directory '/home/tomthumb/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/tomthumb/.ssh/id_rsa.
Your public key has been saved in /home/tomthumb/.ssh/id_rsa.pub.
The key fingerprint is:
44:43:e0:d7:c7:b1:1d:4e:f2:e9:32:a1:16:ef:1b:04 tomthumb@workstation
The key's randomart image is:
+--[ RSA 2048]----+
| .o+ . . |
| . . + = . |
| . E = o |
| o o . |
| S o . |
| ..o . |
| ...o |
| o oo |
| o.o++. |
+-----------------+
Now that you have the private and public keys generated, you need to put the public key on the remote server. The remote server keeps the public key in a file called "authorized_keys" which resides in a hidden directory within your home directory called ".ssh". We will use scp to copy the public key from the workstation to the servers authorized_keys2 file. Of course you will need to enter your password for this scp session because the key exchange is not completed yet.
scp ~/.ssh/id_rsa.pub server:.ssh/authorized_keys2
THATS ALL FOLKS! You should not be able to log into the server via ssh without entering a password.
Troubleshooting SSH keys:
* Your .ssh folder and contents MUST be only readable by you. If your keys are not working try running the following command on both systems.
chmod -R 700 ~/.sshIn the future I will be writing about some other topics that relate well to ssh keys:
* Using multiple SSH Keys * Single purpose keys
