Difference between revisions of "How To Set Up SSH Keys"
Khojanator (talk | contribs) (Created page with "This mini-tutorial assumes that you have the knowledge of SSH, remote servers (CS and Cluster worlds at Earlham, to be specific) and basic Unix environment. Let's begin. * St...") |
Khojanator (talk | contribs) |
||
| Line 2: | Line 2: | ||
* Step One - Create the RSA key pair | * Step One - Create the RSA key pair | ||
| − | + | user$ ssh-keygen -t rsa -b 4096 | |
-t specifies the type of key to create. You can check the possible options in the help. Since we are creating an RSA key, we will use -t rsa. -b flag specifies the number of bits for the key. It is common to use 2048 or 4096 as possible values for this flag. Press enter for all questions, you may change the defaults, but it is preferred not to. Also, it is common to leave the passphrase empty. The entire point of ssh keys is to make login easier and faster, and passphrase defeats the purpose, I believe. So, your public key will be saved in ~/.ssh/id_rsa.pub and private key will be saved in ~/.ssh/id_rsa. | -t specifies the type of key to create. You can check the possible options in the help. Since we are creating an RSA key, we will use -t rsa. -b flag specifies the number of bits for the key. It is common to use 2048 or 4096 as possible values for this flag. Press enter for all questions, you may change the defaults, but it is preferred not to. Also, it is common to leave the passphrase empty. The entire point of ssh keys is to make login easier and faster, and passphrase defeats the purpose, I believe. So, your public key will be saved in ~/.ssh/id_rsa.pub and private key will be saved in ~/.ssh/id_rsa. | ||
* Step Two - Copy the public id to remote host. | * Step Two - Copy the public id to remote host. | ||
| − | + | user$ ssh-copy-id user@remote.host | |
You can install ssh-copy-id if it doesn't exist already. | You can install ssh-copy-id if it doesn't exist already. | ||
OR, | OR, | ||
manually copy it as follows | manually copy it as follows | ||
| − | + | user$ cat ~/.ssh/id_rsa.pub | ssh user@remote.host "mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat >> ~/.ssh/authorized_keys" | |
Note that, user@remote.host should be replaced with appropriate terms. | Note that, user@remote.host should be replaced with appropriate terms. | ||
* Step Three - Create a config file (Optional) | * Step Three - Create a config file (Optional) | ||
Now that you have the key setup, and know how to use vi editor, let's create a config file. Personally, I enjoy the ability to type `ssh tools` and let ssh config take over, instead of typing `ssh user@tools.cs.earlham.edu`. For that, | Now that you have the key setup, and know how to use vi editor, let's create a config file. Personally, I enjoy the ability to type `ssh tools` and let ssh config take over, instead of typing `ssh user@tools.cs.earlham.edu`. For that, | ||
| − | + | user$ vi ~/.ssh/config | |
Enter the insert mode | Enter the insert mode | ||
| − | + | Host $hostname_you_want_to_use # tools, from the example above | |
| − | + | HostName $complete_hostname # tools.cs.earlham.edu, from the example above | |
| − | + | User $username | |
$ sign indicates variable, so you should replace your username with $username, and you can use tools in place of $hostname_you_want_to_use, tools.cs.earlham.edu in place of $complete_hostname. | $ sign indicates variable, so you should replace your username with $username, and you can use tools in place of $hostname_you_want_to_use, tools.cs.earlham.edu in place of $complete_hostname. | ||
Similarly, you can add more hosts to this config file with a line space between each. | Similarly, you can add more hosts to this config file with a line space between each. | ||
Revision as of 14:26, 26 December 2018
This mini-tutorial assumes that you have the knowledge of SSH, remote servers (CS and Cluster worlds at Earlham, to be specific) and basic Unix environment. Let's begin.
- Step One - Create the RSA key pair
user$ ssh-keygen -t rsa -b 4096
-t specifies the type of key to create. You can check the possible options in the help. Since we are creating an RSA key, we will use -t rsa. -b flag specifies the number of bits for the key. It is common to use 2048 or 4096 as possible values for this flag. Press enter for all questions, you may change the defaults, but it is preferred not to. Also, it is common to leave the passphrase empty. The entire point of ssh keys is to make login easier and faster, and passphrase defeats the purpose, I believe. So, your public key will be saved in ~/.ssh/id_rsa.pub and private key will be saved in ~/.ssh/id_rsa.
- Step Two - Copy the public id to remote host.
user$ ssh-copy-id user@remote.host
You can install ssh-copy-id if it doesn't exist already. OR, manually copy it as follows
user$ cat ~/.ssh/id_rsa.pub | ssh user@remote.host "mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat >> ~/.ssh/authorized_keys"
Note that, user@remote.host should be replaced with appropriate terms.
- Step Three - Create a config file (Optional)
Now that you have the key setup, and know how to use vi editor, let's create a config file. Personally, I enjoy the ability to type `ssh tools` and let ssh config take over, instead of typing `ssh user@tools.cs.earlham.edu`. For that,
user$ vi ~/.ssh/config
Enter the insert mode
Host $hostname_you_want_to_use # tools, from the example above HostName $complete_hostname # tools.cs.earlham.edu, from the example above User $username
$ sign indicates variable, so you should replace your username with $username, and you can use tools in place of $hostname_you_want_to_use, tools.cs.earlham.edu in place of $complete_hostname.
Similarly, you can add more hosts to this config file with a line space between each.
