Distroname and release: Debian Squeeze

Using SSH keys for passwordless logons

It can be quite and advantage to use RSA/DSA keys for ssh logins, we will use RSA in this example.
Firstly it will ease the use of SSH access, because you do not have to type username and password everytime.
Secondly, you can use it for filetransfers, in example scripts and so on.
Unfortunately, if the clients get hacked, stolen if this was a notebook in example, then the user will have full access to the server, so use it with causion, and have control of the keys!

On the client where you wish to use a passwordless logon we will use the below command.

You will be prompted for a passphrase, optional to leave empty, and a path where to save the files. Just use defaults here.
ssh-keygen -t rsa
Now a key have been created for the client/username.
Next step is to copy the key file to the server in we wish to access. Note we will use the username in which we have created the key for. In this example the username is superman.
cd ~
scp .ssh/id_rsa.pub superman@hostname:.ssh/authorized_keys2
Note, it might be required to create the hidden ssh share on the server/destination first if you get an error.
Remember to use the logon/username of the key we wish to use, else you will have to chown afterwards.
mkdir .ssh
Now test if you can login without a password (Unwanted text stripped)
ssh example.com
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Sat Sep 17 15:54:20 2011 from 987.567.321.123


Multiple ssh key files

If you have multiple clients/users you would be able to connect to the server like this, you must append the created keys to the authorized_keys2 file on the server.

You can do this as follows, from another workstation, where the key is already created.
cat id_rsa.pub | ssh superman@example.com 'cat >> .ssh/authorized_keys2'


Follow up
Do not trust the authors words! POC, tests and experience is key

Copyright LinuxLasse.net 2009 - 2023 All Rights Reserved.

Valid HTML 4.01 Strict Valid CSS!