Differences between revisions 4 and 5
Revision 4 as of 2013-08-27 06:34:35
Size: 1455
Editor: ArtAmezcua
Comment:
Revision 5 as of 2013-08-27 06:53:32
Size: 2579
Editor: ArtAmezcua
Comment:
Line 5: Line 5:
 1. On the local machine, run <<BR>><<BR>>{{{ssh-keygen -t rsa}}} This will create a public-private key pair (one file will be created to contain the public key, and one will be created to contain the private key).  1. On the local machine, run <<BR>><<BR>>{{{ssh-keygen -t rsa}}}<<BR>><<BR>> This will create a public-private key pair (one file will be created to contain the public key, and one will be created to contain the private key).
Line 7: Line 7:
 1.
 1. Go to DESTINATION host. Copy key contents of SOURCE id_rsa_stuff.pub into DESTINATION's authorized_keys file.
 1. make sure DESTINATION authorized_keys is permission 600
 1. on SOURCE machine, source the agent - source ~/.ssh-agent (check that .ssh-agent is the filename using ls -a command).
 1. on SOURCE machine, do ssh-add .ssh/id_rsa_stuff
 1. Try it. ssh user@DESTINATION
 1. Should just work with no password.
 1. Hit the return key twice to not create a passphrase. Alternately, you could create a passphrase, but then you will be prompted for the passphrase when you run the ssh command, unless you wish to use ssh-agent to automate authentication of the passphrase for you (see step 6 below).
 1. On the remote machine, create the .ssh folder, if it does not exist, in the home directory (<home dir>) of the account you wish to ssh to. Make it have permissions 700.
 1. APPEND the contents of the public key you generated on the local machine in step 2 to the authorized_keys file in the <home dir>/.ssh directory of the remote host:<<BR>><<BR>>{{{> cat .../<filename>.pub >> <home dir>/.ssh/authorized_keys}}}. Ensure that the permissions of authorized_keys is 644.

 1. If in step 3 you entered a passphrase when creating the public-private key pair, you can configure and run ssh-agent to provide the passphrase for you when you run ssh, obviating the prompt for a passphrase when you run ssh. To do this run<<BR>><<BR>>>{{{> ssh-agent -c > ~/.ssh-agent # start ssh-agent, and save environment settings into a file to be used by ssh-agent clients<<BR>><<BR>> >source ~/.ssh-agent_dev # set the client's environment variable settings (needed to run ssh-add)<<BR>><<BR>>ssh-add /home/jsoc/.ssh/id_rsa # add the private key to ssh-agent's memory tables (this will require typing the key's passphrase)}}}
 1. Try running ssh:<<BR>><<BR>>{{{> ssh <user>@<remote host>}}}<<BR>><<BR>>You should connect without being prompted for a password.
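Review bot: In the new ssh-agent step the agent settings are saved to ~/.ssh-agent but the next command sources ~/.ssh-agent_dev, so ssh-add will not find the agent unless that second file happens to exist; use the same filename in both commands. In the same step the <<BR>> macros are inside the {{{ }}} block, where they render as literal text, and there is a stray > before the opening {{{; put each command on its own line inside the block instead. This revision also drops "make sure DESTINATION authorized_keys is permission 600" in favour of 644; 600 is the tighter setting, so consider keeping it. Finally, ssh-add is given the fixed path /home/jsoc/.ssh/id_rsa although the earlier step lets the user choose <filename>.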

Some quick notes on the sequence for installing ssh keys.

If you are creating this public-private key pair so that ssh does not prompt for a password when you ssh from one JSOC machine to another, then stop at step 5. The local and remote machines are one and the same if you are creating these keys for this purpose. These first 5 steps will also allow you to issue CVS commands without having to enter a password.

  1. On the local machine, run

    ssh-keygen -t rsa

    This will create a public-private key pair (one file will be created to contain the public key, and one will be created to contain the private key).

  2. You get to choose the names of the files into which the keys are saved. You can select the default filename if you wish (if the file already exists, it will be overwritten). If not, and you choose a filename of <filename>, then the private key will be stored in <your home directory>/.ssh/<filename>, and the public key will be stored in <your home directory>/.ssh/<filename>.pub

  3. Hit the return key twice to not create a passphrase. Alternatively, you could create a passphrase, but then you will be prompted for the passphrase when you run the ssh command, unless you wish to use ssh-agent to automate authentication of the passphrase for you (see step 6 below).
  4. On the remote machine, create the .ssh folder, if it does not exist, in the home directory (<home dir>) of the account you wish to ssh to. Make it have permissions 700.

  5. APPEND the contents of the public key you generated on the local machine in step 2 to the authorized_keys file in the <home dir>/.ssh directory of the remote host:

    > cat .../<filename>.pub >> <home dir>/.ssh/authorized_keys

    Ensure that the permissions of authorized_keys are 644.

  6. If in step 3 you entered a passphrase when creating the public-private key pair, you can configure and run ssh-agent to provide the passphrase for you, so that ssh does not prompt for it. To do this, run

    > ssh-agent -c > ~/.ssh-agent      # start ssh-agent, and save environment settings into a file to be used by ssh-agent clients
    > source ~/.ssh-agent              # set the client's environment variable settings (needed to run ssh-add)
    > ssh-add /home/jsoc/.ssh/id_rsa   # add the private key to ssh-agent's memory tables (this will require typing the key's passphrase)

  7. Try running ssh:

    > ssh <user>@<remote host>

    You should connect without being prompted for a password.
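
A check for the permissions and key entry set up in steps 4 and 5, added here as an example and not part of the original wiki page. The function names are hypothetical, and `stat -c` assumes GNU coreutils.

```shell
#!/bin/sh
# Added example (not from the wiki page): audit the result of steps 4 and 5.
# Function names are hypothetical; `stat -c` assumes GNU coreutils (Linux).

# Print the octal permission bits of a path, e.g. 700 or 644.
mode_of() { stat -c '%a' "$1"; }

# Succeed if neither group nor others can write to the path.
# 022 (octal) is the group-write and other-write bits, so 600 and 644 pass
# while 664 and 666 fail.
not_group_world_writable() {
    m=$(mode_of "$1") || return 2
    [ $(( 0$m & 022 )) -eq 0 ]
}

# Count how many lines of authorized_keys ($2) exactly match the public key
# file ($1). 0 means step 5 was skipped; 2 or more means it was appended twice.
count_key_entries() { grep -cFx -f "$1" "$2"; }

# Check <home dir>/.ssh and its authorized_keys; print findings, return 0 if clean.
check_ssh_perms() {
    dir="$1/.ssh"
    keys="$dir/authorized_keys"
    rc=0
    [ -d "$dir" ]  || { echo "MISSING $dir (step 4: create it, mode 700)"; return 1; }
    [ -f "$keys" ] || { echo "MISSING $keys (step 5: append the public key)"; return 1; }
    if [ "$(mode_of "$dir")" != "700" ]; then
        echo "FIX $dir has mode $(mode_of "$dir"), expected 700"
        rc=1
    fi
    if ! not_group_world_writable "$keys"; then
        echo "FIX $keys has mode $(mode_of "$keys"): group/other can write"
        rc=1
    fi
    return $rc
}

# Run against a home directory given on the command line, if any.
if [ "$#" -gt 0 ]; then
    check_ssh_perms "$1"
fi
```

With its default StrictModes setting, sshd ignores authorized_keys when the file or the directories above it are writable by group or others, which is the condition the second check mirrors.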

JsocWiki: SSHKeyNotes (last edited 2013-08-27 07:02:14 by ArtAmezcua)