SSH Public Key Usage

Posted January 30, 2004 by Al Banks in OpenSSH

The following describes the creation and distribution of SSH public keys for ease of access to remote machines.

First, create an SSH key pair on the client machine.

ssh-keygen -t rsa

You may want to change the key length. If you set a passphrase for the key, you will need to enter it in order to connect to remote machines. Although not recommended, you can press Enter for an empty passphrase and then access remote machines without typing one. This is a less secure method, because anyone who obtains the private key file can use it.

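The private key is created in a file called id_rsa in the .ssh directory, and the public key in id_rsa.pub. Next, use sftp to copy .ssh/id_rsa.pub to the remote machine (username and remotehost below stand for your account and the remote machine). If this is the first time this has been done for the remote account, you can use the following commands. Note that put replaces any existing authorized_keys file, and the remote .ssh directory must already exist:

sftp username@remotehost
put .ssh/id_rsa.pub .ssh/authorized_keys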

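If other keys already exist on the remote machine, upload the key under a temporary name and append it instead:

sftp username@remotehost
put .ssh/id_rsa.pub username.pub
quit
ssh username@remotehost
cat username.pub >> .ssh/authorized_keys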

At this point, you should be able to ssh in from the client machine and be granted access via the SSH public key:

ssh username@remotehost

The same public key, in the id_rsa.pub file, can be copied in this manner to any other SSH hosts you wish to access. Some SSH client applications cannot generate key pairs themselves. In that case, generate the pair with ssh-keygen as described above and then copy both the private and public keys to the locations that client expects.
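
The append step above, written as a function to run on the remote machine; this is an added example, not part of the original post, and the name install_pubkey and the file names in the usage comment are assumptions. It skips a key that is already present, refuses a private key file uploaded by mistake, and sets the file modes that sshd's StrictModes check requires.

```sh
#!/bin/sh
# Added example (not from the original post). install_pubkey is a hypothetical name.
# Usage: install_pubkey PUBKEY_FILE [HOME_DIR]
install_pubkey() {
    pub=$1
    home=${2:-$HOME}
    auth="$home/.ssh/authorized_keys"

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 2; }

    # A .pub file holds one key on one line; take the first non-empty line.
    key=$(awk 'NF { print; exit }' "$pub")

    # Accept only "type base64 [comment]"; never install a private key file.
    case $key in
        *"PRIVATE KEY"*) echo "$pub is a private key, refusing" >&2; return 3 ;;
        ssh-rsa\ AAAA*|ssh-ed25519\ AAAA*|ecdsa-sha2-*\ AAAA*) ;;
        *) echo "$pub does not contain a public key line" >&2; return 3 ;;
    esac

    # With StrictModes (the sshd default) keys are ignored if these paths
    # are writable by group or others, so set the modes explicitly.
    mkdir -p "$home/.ssh" && chmod 700 "$home/.ssh" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # Match on "type base64" only, so the same key with a different comment
    # or with leading options in authorized_keys is not appended twice.
    blob=$(printf '%s\n' "$key" | awk '{ print $1 " " $2 }')
    if awk -v b="$blob" 'index(" " $0 " ", " " b " ") { found = 1 }
                         END { exit !found }' "$auth"; then
        return 0
    fi
    printf '%s\n' "$key" >> "$auth"
}

# Example call on the remote machine, after "put .ssh/id_rsa.pub username.pub":
#   install_pubkey username.pub
```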
