How to generate ssh keys in linux?
-
To generate an RSA key pair:
$ /usr/bin/ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/testuser/.ssh/id_rsa): Created directory '/home/testuser/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/testuser/.ssh/id_rsa. Your public key has been saved in /home/testuser/.ssh/id_rsa.pub. The key fingerprint is: aa:bb:cc:dd:ee:ff:gg:hh:ii:jj:kk:ll:mm:nn:oo:pp testuser@server1
Assuming /home/testuser is testuser's home directory, the public key is written to /home/.ssh/id_rsa.pub and the private key is written to /home/.ssh/id_rsa.
Change the permissions of the .ssh directory:
# /bin/chmod 700 /home/testuser/.ssh
Copy the contents of id_rsa.pub into /home/testuser/.ssh/authorized_keys on the host you want to connect to i.e. on server2:
$ /bin/vi /home/testuser/.ssh/authorized_keys
Make sure the contents is on one line.
If the file /home/testuser/.ssh/authorized_keys already exists, append the contents of id_rsa.pub to the file.
Change the permissions of /home/testuser/.ssh/authorized_keys on server2:
# /bin/chmod 600 /home/testuser/.ssh/authorized_keys
When user testuser uses ssh from server1 to server2 (192.168.1.65), testuser will not be asked for his/her password:
$ /usr/bin/ssh 192.168.1.65 The authenticity of host '192.168.1.65 (192.168.1.65)' can't be established. RSA key fingerprint is zz:yy:cc:dd:ee:ff:gg:hh:ii:jj:kk:ll:mm:nn:oo:pp. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.1.65' (RSA) to the list of known hosts. Last login: Fri Jul 24 12:08:05 2009 from xxxxxx.home
To generate a DSA key pair:
$ /usr/bin/ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/home/testuser/.ssh/id_dsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/testuser/.ssh/id_dsa. Your public key has been saved in /home/testuser/.ssh/id_dsa.pub. The key fingerprint is: aa:bb:cc:dd:ee:ff:gg:hh:ii:jj:kk:uu:mm:nn:oo:tt testuser@server1
Follow the instructions listed above for rsa but replace rsa with dsa.
© Lightnetics 2024