So, at work yesterday it was suggested to me that I should setup SSH with keys as to avoid the pain caused by attempts to continually use credentials for specific servers I run.<\/p>\n
Doing this might seem daunting to the uninitiated, so here is how I did it between my box and the server I wanted to login with an SSH key instead of regular password. Please note there are some security implications from using SSH keys as opposed to password.<\/p>\n
Step 1:\u00a0 Generate your pair of keys. (2 keys will be made, one for the remote server, and one for your own machine).<\/p>\n
ssh-keygen -t dsa<\/p>\n
Generating public\/private dsa key pair.\r\nEnter file in which to save the key (\/home\/adam\/.ssh\/id_dsa): \r\nEnter passphrase (empty for no passphrase): \r\nEnter same passphrase again: \r\nYour identification has been saved in \/home\/adam\/.ssh\/id_dsa.\r\nYour public key has been saved in \/home\/adam\/.ssh\/id_dsa.pub.\r\nThe key fingerprint is:\r\n1d:ab:23:29:9f:d6:7c:3c:39:ab:2b:2c:8f:2f:4d:26 adam@mylocal\r\n<\/pre>\n<\/blockquote>\nStep 2:\u00a0 your keys are stored, by default in your ‘users’ .ssh folder or ~<\/p>\n
cd ~.ssh; ls -l<\/p>\n
-rw------- 1 adam adam 526 Nov 3 01:21 id_dsa\r\n-rw-r--r-- 1 adam adam 330 Nov 3 01:21 id_dsa.pub\r\n<\/pre>\n<\/blockquote>\nStep 3: Observe your beautiful keys.<\/p>\n
— id_dsa is your private key. Keep this on the machine you want to login FROM. <\/strong>Do not share the key otherwise it will allow other people to login to your machine. very bad.<\/strong><\/p>\n
— id_dsa.pub is your public key. This can be added to the system you want to login to authorized_keys2 file.<\/p>\n
Step 4: Place the public key on the remote server. I simply used scp from the terminal to copy the public key file to the remote server I want to login to<\/strong>.<\/p>\n
scp id_dsa.pub adam@myremoteserver.business.com:.\/id_dsa.pub<\/p><\/blockquote>\n
If it works you’ll see a status bar show 100% , 607bytes, Kb\/s 0:00 and the time taken to transfer the file<\/p>\n
Step 5: Login to the remote server and make public key ready to be used. It is very important these commands are written in this order.<\/p>\n
# switch to home dir and make sure .ssh folder exists
\ncd ~; mkdir .ssh;
\ncd .ssh<\/p>\n# make sure that the key file is there
\ntouch authorized_keys2<\/p>\n# add key to authorize_keys2 file<\/p>\n
cat ..\/id_dsa.pub >> authorized_keys2
\nrm ..\/id_dsa.pub<\/p><\/blockquote>\nStep 6:\u00a0 Ensure correct permissions on the filesystem for ‘secret’ file<\/p>\n
chmod 600 authorized_keys2<\/p><\/blockquote>\n
Step 7: Login using your new ssh keypair<\/p>\n
ssh -2 -v adam@myremoteserver.business.com
\ndebug1: Trying private key: \/Users\/adam\/.ssh\/id_rsa
\ndebug1: Offering DSA public key: \/Users\/adam\/.ssh\/id_dsa<\/p><\/blockquote>\nJob done!<\/p>\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
So, at work yesterday it was suggested to me that I should setup SSH with keys as to avoid the pain caused by attempts to continually use credentials for specific servers I run. Doing this might seem daunting to the … Continue reading