Skip to content

Instantly share code, notes, and snippets.

@Darkflib

Darkflib/gist:1884523

Created February 22, 2012 12:03
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Darkflib/1884523 to your computer and use it in GitHub Desktop.
Save Darkflib/1884523 to your computer and use it in GitHub Desktop.
Download ZIP
Setting up ssh keys
Raw
gistfile1.html
<h3>Generating the keys</h3>
<p>Generating the key isn't difficult.</p>
<code>
[root@server1 ~]# <b>ssh-keygen</b>
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): <b>test_key</b>
Enter passphrase (empty for no passphrase): <b>my passphrase</b>
Enter same passphrase again:<b>my passphrase</b>
Your identification has been saved in test_key.
Your public key has been saved in test_key.pub.
The key fingerprint is:
54:ae:59:31:8c:fc:64:a2:70:4a:03:21:6d:39:66:82 root@xen1
[root@server1 ~]#
</code>
<p> I recommend using a passphrase to secure the key unless you are pretty sure you know what you are doing.
Since without a passphrase the owner of the private half of the key is able to login to any server you
install the public key to without any passwords.</p>
<h3>Installing the keys on a server</h3>
<p>Installing the keys to the server is fairly easy.</p>
<p><b>EDIT: or just use ssh-copy-id -i test_key root@192.168.20.133</b></p>
<code>
[root@xen1 ~]# <b>scp test_key.pub root@192.168.20.133:/root/</b>
root@192.168.20.133's password: <b>password</b>
test_key.pub 100% 391 0.4KB/s 00:00
[root@xen1 ~]# <b>ssh root@192.168.20.133</b>
root@192.168.20.133's password: <b>password</b>
Linux debian 2.6.26-2-686 #1 SMP Mon May 11 19:00:59 UTC 2009 i686
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
debian:~# <b>cat test_key.pub >> ~/.ssh/authorized_keys</b>
-bash: /root/.ssh/authorized_keys: No such file or directory
debian:~# <b>ls -l</b>
total 4
-rw-r--r-- 1 root root 391 2009-05-20 17:47 test_key.pub
debian:~# <b>mkdir .ssh</b>
debian:~# <b>chmod 700 .ssh</b>
debian:~# <b>cat test_key.pub >> ~/.ssh/authorized_keys</b>
</code>
<p>This was a virgin debian system and the .ssh directory didn't exist, because of this we failed to copy our key into the required file initially.</p>
<p> The key is only installed for a single user, if you want to be able to login with multiple users with a key you need to install it for each user.</p>
<h3>Testing and using the keys</h3>
<p>Testing and using the key is very simple</p>
<code>
[root@xen1 ~]# <b>ssh -i test_key root@192.168.20.133</b>
Linux debian 2.6.26-2-686 #1 SMP Mon May 11 19:00:59 UTC 2009 i686
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Wed May 20 17:48:15 2009 from xen1.local
debian:~#
</code>
<p>If there was a passphrase on this key, you would have been prompted for it as a second step before logging you in.</p>
<p>Without a passphrase you can do interesting things such as</p>
<code>
[root@xen1 ~]# <b>ssh -i test_key root@192.168.20.133 df -h</b>
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/VolGroup00-lennyroot
19G 3.1G 16G 17% /
tmpfs 245M 0 245M 0% /lib/init/rw
udev 10M 148K 9.9M 2% /dev
tmpfs 245M 0 245M 0% /dev/shm
/dev/md0 99M 23M 72M 24% /boot
192.168.20.250:/mnt/download
939G 932G 6.6G 100% /mnt/download
/dev/sdc1 2.0G 232M 1.7G 12% /media/EXTERNAL
[root@xen1 ~]#
</code>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment