ssh with key files

The advantages of using SSH key-based include:

  • Improved security
  • Easier access to ssh (if password keys are not used)

Clearly use of unique password encrypted keys gives best security. However if a user has access to you terminal and user password they effectively have full system access anyway.

The use of sudo should not be necessary as the keys created should be user based.

The ssh-keygen command is used to create ssh key pairs

Use man ssh-keygen to see options and description of command.

  • ssh-keygen creates a SSH key pair. The defaults are:
    • home directory /homeuser/.ssh
    • public key /home/user/.ssh/id_rsa
    • private key /home/user/.ssh/
  • ssh-keygen -f .ssh/key-with-password creates a SSH key with non-default name and location. The defaults are:
    • public key /home/user/.ssh/key-with-password
    • private key /home/user/.ssh/

During further SSH key pair generation, if you do not specify a unique file name, you are prompted for permission to overwrite the existing id_rsa and files. If you overwrite the existing id_rsa and files, you must then replace the old public key with the new one on ALL of the SSH servers that have your old public key.

Once you have generated the keys, they are stored in the /user/home/.ssh/ directory with the following permissions:

  • Private key - 600
  • Public key - 644

Some examples:

  • ssh-copy-id -i .ssh/ user@destination generic example
  • ssh-copy-id -i .ssh/ john.doe@ Will copy the default created key to IP for user john.doe

The remote ssh will ask for remote shell password.

Use man ssh–copy-id to see options and description of command.

  • /app/www/public/data/pages/tech_notes/ssh.txt
  • Last modified: 2024-03-09 Sat wk10 10:45
  • by baumkp