Setting up SSH public/private keys

SSH can be set up with public/private key pairs to have a personal security control onto your ssh connection.

To obtain your public and private keys, on your client machine you only need to type:

$ ssh-keygen -t rsa -C "John Doe "

where instead “John Doe” you must insert your name and surname.
The output is:

Generating public/private rsa key pair.
Enter file in which to save the key (/home/fra/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):

where you have to insert the filename for your key (for example “fcastagnotto_key”) and the passphrase to protect the use of your private key (lika a password).

After that, the command shows the key fingerprint and the key’s randomart image of your public key and then, your keys are created!!

You can find your private key (for me is the file fcastagnottoLINUX_key) and your public key (for me is the file under the directory where you have been done this procedure.

Then, if your keys aren’t under your ~/.ssh/ folder, you have to move them there. For my keys, this is the command:

$ sudo mv fcastagnottoLINUX_key* .ssh/ -v

To complete the setup for the key recognition, you must copy your public key into your remote server whit the command

$ ssh-copy-id user@

where the you have to replace user with your remote user and whit the IP address of your remote machine. This command place your public key into the remote machine’s authorized_keys file. (This command ask you to insert the remote user’s password for the copy of the key)

At this point, you can test your remote recognition with

$ ssh user@

and you should have to insert your passphrase, to correct login into your remote machine!!

Enjoy! 😉


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: