Dan Klassen

If you need to manage multiple remote servers, you’ve probably had the joy of needing to remember numerous passwords. With ssh keys, you can eliminate the need of typing in a password each time you log into a server via ssh. As an added bonus, the key that will be used will be much (much) longer than any password you would sanely type in.

To utilize ssh keys, you will need to generate a private / public key pair on your local machine. To do this, type:

ssh-keygen -t rsa

to generate a RSA encrypted keyset. When you do this, it will ask you where to save it, just hit enter to use the defaults. The next question will be what passphrase you would like to use. This can be an effective way to double up your security. If you set this, you will need both the key that will be generated, as well as this passphrase to log into the remote server. If you are going for a secure setup, this is most likely the way to go.

After you have create your public and private key (both will be generated using the previous command), take a look at your public key by typing

vi ~/.ssh/id_rsa.pub

Copy the entire contents of this file so we can let the server know to authorize this key. Log into your server as you normally would and then:

vi ~/.ssh/authorized_keys

If the file did not exist already, just create it. This is the default place that OpenSSH will look for authorized keys. Now, paste the content of the key into the end of this file and save it.

Viola, that should do it. Try exiting from the server, and then re-logging in. If you used a passphrase in the initial step, enter that now, otherwise, you should be directly logged in as your user on the server.

This can be quite handy for setting up backup cron jobs between servers, or any other scripts which would normally require a password. Now you can keep the passwords out of the shell scripts and just let them do their thing.

Tags: security, server admin

Filed under security.