Pages
About Me
Links
Tags
PERSONAL 520
SPIRITUAL 416
LDS 312
BOOK OF MORMON 237
SCRIPTURES 154
STUDIO-JOURNEY 129
RELIGION 112
LINUX 79
COMPUTERS 65
LIFE 60
GENERAL CONFERENCE 46
GENTOO 39
MISCELLANEOUS 37
MUSIC 37
PROGRAMMING 33
CARS 29
MICROSOFT 23
FAMILY 23
AUDIO 21
I LOVE MY JOURNAL 18
FUN 15
CHILDREN 12
CURRENT EVENTS 10
NATURE'S WAY 10
VIDEO 9
DRM 9
CONEXM 7
BABBLINGS 7
PROVO CITY CENTER TEMPLE 6
FRIENDS 6
HEROD THE FINK 5
GAMES 5
COMPUTER HARDWARE 5
DRUMS 4
HAND OF GOD 3
ADVERSITY 3
KDENLIVE 3
AUDIO HARDWARE 3
GENERAL INSANITY 3
STUDIO 3
THANKS4GIVING 2
CATS 2
MY JOURNAL 1
POETRY 1
FOREVERGREEN 1
EVERYDAY THOUGHTS 1
GOSPEL 1
PARENTING 1
YOUTH CONFERENCE 1
CHURCH NOTES 1
POLITICS 1
RSS Feed
Subscribe!Mon - Aug 25, 2008 : 04:48 pm
tired
 |
|
|
|
|
rated 0 times |
Generating SSH Key Pairs
Today I needed to sync a file on two servers using ssh, and I needed to do it automatically. I knew that ssh could use key-pairs to enable a secure authentication system without requiring passwords, but I couldn't remember how to do it. I googled a bit and found this gem of a tutorial on how to do precisely what I needed: I'll post both the link and the text, just for easy future reference.
Here's the text:
To {ssh, scp} from HostA to HostB without issuing a password:
On both HostA and HostB,
mkdir ~/.ssh
chmod 0700 ~/.ssh
On HostA,
cd .ssh ssh-keygen -t rsa1 -C "Some comment"
ssh-keygen -t rsa -C "Some comment"
ssh-keygen -t dsa -C "Some comment"
Each of the 'ssh-keygen' commands will prompt you for a passphrase. Choose something easy to remember but difficult to guess. The commands will produce the files
~/.ssh/identity, ~/.ssh/identity.pub
~/.ssh/id_rsa, ~/.ssh/id_rsa.pub
~/.ssh/id_dsa, ~/.ssh/id_dsa.pub
respectively.
The "*.pub" files are your public keys. The others are your private keys - guard them carefully. If they're stolen, then your account on HostB, or any other machine where you've set up public-key authentication, is wide open to the thief.
On HostA,
scp ~/.ssh/identity.pub HostB:~/.ssh/authorized_keys
cp ~/.ssh/id_rsa.pub some_temp_file
cat ~/.ssh/id_dsa.pub >> some_temp_file
scp some_temp_file HostB:~/.ssh/authorized_keys2
On HostB,
chmod 0600 ~/.ssh/authorized_keys
chmod 0600 ~/.ssh/authorized_keys2
Now you should be able to 'ssh' from HostA to HostB without a password, but 'ssh' will prompt you for a passphrase, because it needs to decrypt your private keys.
and here's the link:
http://osdir.com/ml/netbsd.help/2002-04/msg00162.html
Here's the text:
To {ssh, scp} from HostA to HostB without issuing a password:
On both HostA and HostB,
mkdir ~/.ssh
chmod 0700 ~/.ssh
On HostA,
cd .ssh ssh-keygen -t rsa1 -C "Some comment"
ssh-keygen -t rsa -C "Some comment"
ssh-keygen -t dsa -C "Some comment"
Each of the 'ssh-keygen' commands will prompt you for a passphrase. Choose something easy to remember but difficult to guess. The commands will produce the files
~/.ssh/identity, ~/.ssh/identity.pub
~/.ssh/id_rsa, ~/.ssh/id_rsa.pub
~/.ssh/id_dsa, ~/.ssh/id_dsa.pub
respectively.
The "*.pub" files are your public keys. The others are your private keys - guard them carefully. If they're stolen, then your account on HostB, or any other machine where you've set up public-key authentication, is wide open to the thief.
On HostA,
scp ~/.ssh/identity.pub HostB:~/.ssh/authorized_keys
cp ~/.ssh/id_rsa.pub some_temp_file
cat ~/.ssh/id_dsa.pub >> some_temp_file
scp some_temp_file HostB:~/.ssh/authorized_keys2
On HostB,
chmod 0600 ~/.ssh/authorized_keys
chmod 0600 ~/.ssh/authorized_keys2
Now you should be able to 'ssh' from HostA to HostB without a password, but 'ssh' will prompt you for a passphrase, because it needs to decrypt your private keys.
and here's the link:
http://osdir.com/ml/netbsd.help/2002-04/msg00162.html
Comment by anonymous on Aug. 26, 2008 @ 12:25 am
No need for scp the files, there is ssh-copy-id especialy for that purpose. And if you dun always want to enter your password you can use ssh-agent. Makes life more easy!