Tekker Blog

My little home on the internet.

Archive for May, 2009

SSH Keys Made Simple

without comments

I have backup routines that I have setup on my laptop and my file server. I have Cygwin installed on both since both machines are Windows (hey, I love Linux too, shut up!). I use rsync over ssh to copy files from my laptop to the file server and then again use rsync to sync all the shared files from 1 500GB drive to another in the same machine (raid 1 didn’t work out so well for me, even with a Promise Raid card installed). Having to type my password in 4 times to backup my laptop was annoying, so I decided to setup ssh keys between the laptop at the file server.

Fairly simple setup:

  1. Log into your shell (doesn’t matter if its Cygwin or a standard Linux distro)
  2. Change to the .ssh directory
    $ cd .ssh

  3. Generate the private/public key pair (use defaults, including the password, unless you wish to still type in a password on each connect)
    $ ssh-keygen -t dsa
    Generating public/private dsa key pair.
    Enter file in which to save the key (/home/[username]/.ssh/id_dsa):
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /home/[username]/id_dsa.
    Your public key has been saved in /home/[username]/id_dsa.pub.
    The key fingerprint is:
    aa:d3:81:89:31:13:01:7c:80:d8:e5:4d:90:b1:25:a6 [username]@[hostname]

  4. Transfer the file to the remote machine you wish to use the key to log into
    $ scp id_dsa.pub administrator@192.168.111.45:./id_dsa.pub

  5. SSH to the remote machine
    $ ssh [remoteusername]@[remotehostname]

  6. Touch the authorized_keys2 file, just in case it doesn’t exist yet
    $ touch ~/.ssh/authorized_keys2

  7. Set permissions on the authorized_keys2 file so that only the owner can read/write to it
    $ chmod 600 ~/.ssh/authorized_keys2

  8. Copy the contents of the public key into the authorized_keys2 file
    $ cat id_dsa.pub >> ~/.ssh/authorized_keys2

  9. Delete the public key file, just because it’s safer that way!
    $ rm id_dsa.pub

  10. Logout of the remote server
    $ exit

  11. SSH back into the remote server and test to see if it asks you for a password (assuming you did not enter a password while generating the keys earlier)
    $ ssh [remoteusername]@[remotehostname]

Now you can ssh from your machine to the remote machine without using passwords but still keeping the remote machine secure.

Written by Paul

May 13th, 2009 at 10:46 am

Posted in Linux,Tech Related Stuff

Tagged with , ,