Friday, June 1, 2012

Linux Public Key Authentication

This is mainly for automated logins into other machines.

First, generate a key pair on your PC or the server that will be the SSH client:

shell> ssh-keygen -t dsa

If the whole idea is to automate login, then don't add a pass-phrase. It can be empty.

The public & private keys are stored in the ~/.ssh folder.
  • id_dsa.pub <-- public key, the one you copy to the destination.
  • id_dsa <-- private key. Keep it safe, never give it away.
Then, copy the contents of Id_dsa.pub into ~/.ssh/authorized_keys on the destination server (just plain text copy & paste).

If the file doesn't exist, create it and make sure permissions are 600.

If it exists, append the contents of id_dsa.pub into a new line of authorized_keys.

Note: Some SSH client/servers have disabled dss by default. Use rsa instead i.e. "ssh-keygen -t rsa"

No comments:

Post a Comment