How do I setup Public-Key Authentication for SSH?
If you have SSH installed, you should be able to run..
ssh-keygen
Then go through the steps, you'll have two files, id_rsa
and id_rsa.pub
(the first is your private key, the second is your public key - the one you copy to remote machines)
Then, connect to the remote machine you want to login to, to the file ~/.ssh/authorized_keys
add the contents of your that id_rsa.pub
file.
Oh, and chmod 600
all the id_rsa*
files (both locally and remote), so no other users can read them:
chmod 600 ~/.ssh/id_rsa*
Similarly, ensure the remote ~/.ssh/authorized_keys
file is chmod 600
also:
chmod 600 ~/.ssh/authorized_keys
Then, when you do ssh remote.machine
, it should ask you for the key's password, not the remote machine.
To make it nicer to use, you can use ssh-agent
to hold the decrypted keys in memory - this means you don't have to type your keypair's password every single time. To launch the agent, you run (including the back-tick quotes, which eval the output of the ssh-agent
command)
`ssh-agent`
On some distros, ssh-agent is started automatically. If you run echo $SSH_AUTH_SOCK
and it shows a path (probably in /tmp/) it's already setup, so you can skip the previous command.
Then to add your key, you do
ssh-add ~/.ssh/id_rsa
and enter your passphrase. It's stored until you remove it (using the ssh-add -D
command, which removes all keys from the agent)
For windows this is a good introduction and guide
Here are some good ssh-agents for systems other than linux.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With