Creating and Using an SSH Key
This section is operating system agnostic, except that you are expected to do this on a *nix (most likely Linux) system. If you don't have a username and password for that system, you need to get that first. Also, you will need a way to copy your private key to your machine. You can just use SCP if your machine is a Mac or Linux machine. On Windows, you can use a program like WinSCP.
Generating an SSH Key
First you need a .ssh directory. Files and directories whose names begin with a dot (.) are hidden. They only show up if you use ls -a. In this case, the .ssh directory holds your public and private keys. The public key is what you put on someone else's machine to identify yourself. The private key is what you keep on your machine to identify yourself. If you do not already have an .ssh directory in your home directory, you need to make one. Go to your home directory and make one.
cd ~
mkdir .ssh
chmod 700 .ssh
To generate a key, you just use the command ssh-keygen, then just accept all the defaults when prompted. When asked for a passphrase, keep in mind that this is for the key. If you provide one, you will have to provide it every time you use the key, which rather defeats our purpose for using it in the first place.
ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/dnoel/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/dnoel/.ssh/id_rsa.
Your public key has been saved in /home/dnoel/.ssh/id_rsa.pub.
The key fingerprint is:
17:af:00:f2:b1:86:5c:2e:6e:b4:54:42:ad:1c:55:9e dnoel@law
Using a Public Key
Once you've created the keys, you need to put your public key in the authorized_keys file on that box. To do that from your home directory, do the following:
cd .ssh
touch authorized_keys
chmod 600 authorized_keys
cat id_rsa.pub >> authorized_keys
You can now rm the id_rsa.pub file if you wish. If you want to use this key on multiple machines, you want to follow the same process. Alternately, if you do not already have an authorized_keys file on the other machines either, you can just copy the one you made to the new machines. For example, to copy authorized_keys to my staging environment, I could use:
scp authorized_keys stage:~/.ssh
This would copy the file to my home directory on staging. If I needed to identify the destination server and myself more specifically, I could use something more descriptive:
scp authorized_keys dnoel@stage.localnet:~/.ssh
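The modes set above (700 on .ssh, 600 on authorized_keys) are worth re-checking after files have been copied between machines, and a key generated without a passphrase is protected only by its file mode. The script below is an added example, not part of the original article: it reports anything in an .ssh directory that group or others can access, including private key files. The function names are assumptions.

```shell
#!/bin/sh
# Added example: audit the modes used on this page. Names are assumptions.

# Print the octal permission bits of a path (GNU stat first, then BSD stat).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null
}

# Report $1 if group or others have any access; $2 is the expected mode.
check_private() {
    m=$(mode_of "$1") || return 0
    if [ $(( 0$m & 077 )) -ne 0 ]; then
        echo "FINDING: $1 is mode $m, expected $2"
        findings=$((findings + 1))
    fi
}

# audit_ssh_dir DIR: print one line per finding, return the number of findings.
audit_ssh_dir() {
    dir=$1
    findings=0
    if [ ! -d "$dir" ]; then
        echo "FINDING: $dir is not a directory"
        return 1
    fi
    check_private "$dir" 700
    if [ -f "$dir/authorized_keys" ]; then
        check_private "$dir/authorized_keys" 600
    fi
    # Recognise private keys by their PEM header rather than by name, so a
    # key copied in under another file name is still checked.
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        if head -n 1 "$f" 2>/dev/null | grep -q 'PRIVATE KEY-----'; then
            check_private "$f" 600
        fi
    done
    return "$findings"
}

# Audit the directory named on the command line, e.g. ~/.ssh
if [ "$#" -gt 0 ]; then
    audit_ssh_dir "$1"
fi
```

Any finding is fixed with the same chmod commands used earlier on this page, plus chmod 600 on the private key file.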
Using a Private Key
For every server that you want to log in from using your ssh key, you need your private key in the .ssh directory on that machine. Just copy your id_rsa file to any machine you will be coming from.
That's all there is to it! If you want to log in using Putty on Windows, read on.
Using an SSH Key with Putty and Pageant
Once you've created your key, you need to tell Putty about it. Putty doesn't handle keys, but Pageant does. So download Pageant. To use your newly generated key with Pageant, however, you will need to make it into a compatible .ppk file. To do so, you need to download Puttygen as well.
Generating a .PPK File
- Run Puttygen, and when it opens, press the Load button.
- Select All Files from the file type drop-down, and navigate to your id_rsa file.
- Click Ok on the dialog box.
- Press the Save Private Key button.
- Click Yes on the dialog that pops up asking if you want to save it without a passphrase.
- Save the Private Key somewhere where you can find it.
Loading a .PPK Into Pageant
- Start Pageant.
- If necessary, find it in your hidden icons on the right-hand side of the taskbar and right-click on Pageant.
- Select View Keys from the context menu.
- When the dialog opens, click the Add Key button.
- Navigate to your .ppk private key.
- Close Pageant (it's still running in the background.)
Running Putty With An SSH Key
As long as Pageant is running with your key loaded, when you run Putty to connect to your server, you should not be asked for a password. It should automatically connect.
References
Article on setting up SSH on Linux boxes: http://sshkeychain.sourceforge.net/mirrors/SSH-with-Keys-HOWTO/SSH-with-Keys-HOWTO-4.html
Article on Multi-Hop SSH Logins using keys: http://sshmenu.sourceforge.net/articles/transparent-mulithop.html