Author: Josh Glover
Introduction
This guide instructs you on creating an SSH keypair to use for passwordless authentication. This solution should not be used for serious security; see instead ssh-agent.
Generating a Keypair
To generate a keypair, run:
ssh-keygen -t dsa
(you are advised not to protect the key with a password, as you will then be prompted for the password everytime you connect). The keypair will be saved (by default) in $HOME/.ssh/id_dsa, and $HOME/.ssh/id_dsa.pub (the .pub file is the public key, and the other is the corresponding private key).
Setting Permissions
Now, set the permissions to protect your $HOME/.ssh/ directory. (Note that these modes are the most lax permissions that these files and directories are allowed to have. You may certainly set the permissions stricter.)
chmod 711 $HOME/
chmod 700 $HOME/.ssh/
chmod 644 $HOME/.ssh/*
chmod 600 $HOME/.ssh/id_dsa
Adding Public Key to Remote authorized_keys Files
Finally, add the public key to the $HOME/.ssh/authorized_keys file on each machine to which you wish to connect and set the correct permissions. (Note that you will be prompted for a password with each command. An alternative is to login to server and run the commands locally. If you do so, remove the quoting from the rightmost arguments.)
cat $HOME/.ssh/id_dsa.pub server 'cat >>.ssh/authorized_keys'
ssh server chmod 711
“$HOME/
”
ssh server chmod 700
“$HOME/.ssh
”
ssh server chmod 644
“$HOME/.ssh/authorized_keys
”
For each machine you want to be able to connect from, first copy the id_dsa file (the private key) to that machine, then follow the above steps.
SSH_Keypair_Authentication