From ZhoubaWiki
Jump to navigation Jump to search

How to create SSH keys

SSH keys serve as a means of identifying yourself to an SSH server using public-key cryptography and challenge-response authentication. One immediate advantange this method has over traditional password authentication is that you can be authenticated by the server without ever having to send your password over the network.


To begin, install the following package:

sudo aptitude install openssh-server


If you don't have the private key, then you should make one in ~/.ssh. Write to:

ssh-keygen -t rsa
ssh-keygen -t dsa
  • RSA key type is recommended
  • Next you will be asked where you want save a private key. You can let the default location.

You can also specify the filename on the command line with the -f flag like so:

ssh-keygen -t rsa -f /path/to/my_rsa

Now you have id_dsa and id_dsa.pub in ~/.ssh folder.

  • id_dsa is your private key
  • id_dsa.pub is your public key

Next step is create ~/.ssh/config with hosts.

	host host1
		hostname x.x.x.x
		user user1
		identityfile /path_to/.ssh/id_dsa
		compression yes
		protocol 2

	host host2
		hostname x.x.x.x
		user user2
		identityfile /path_to/.ssh/id_dsa
		compression yes
		protocol 2

chmod 640 config

Configuration host server

Now create a file ~/.ssh/authorized_keys in user's home directory, which will be used to connect.
Into this file you must insert content of id_dsa.pub from your server.


ssh-dss AAAAB3NzaC1kc3MAAACBAMGypTQm9pN93QEWJbd3zINUsiTFq77ifTB6yT/eQcOBBxR67Wa51susnNXo1haG3MRmnRDCnmdEu/pKdsHDSxzdb2Vo5DfQozJzB+2/m39dO6eLJ4MwCGaN1Qp9PII+GpYZ0nk9VigZXu8ajalslba6NTRbDX00ZGku8zdod4yPAAAAFQCCnyQNDmF7NxDEWwsnb9AP18KwNQAAAIEAg1rKm4xKi2xjkp7h455UK33hZLtDi4Zzsc/nBOxNb0bOfALwfRrsuSWhc1qJtqdDsVvSUBC9aecfI+t8sff+/jHmCRF3Ad7W83LqqEF0V4nbTRhyoCI4bwl/AI52bg+7B1MhzqYwFpAtxobJ+OVVeFjyG13A6bnjuKJF1vgspVQAAACAX0kimyRa+0eiUGdd7Tc/OjnlDsTUIuBV3kjiJMj7N3ErayMwUU4RRaZNB5Xy31oRqEfW0VVujvAtc1tpeZ2FROU2+0CREmSympKaRRh7HVvrLzXsM8uJYYSDOb8uitqsXxBxuee85VsbNAZpqteLdNjUF5es560hnotBk/vn4NQ= your@machine


Now we can connect to host server.


ssh host1


ssh host2