Add SSH Keys To A New Remote Server

Posted by Derek on October 14, 2014

If you haven’t created a public/private key pair, do that first.

$ ssh-keygen -t rsa
    Generating public/private rsa key pair.
    Enter file in which to save the key (/home/dgraham/.ssh/id_rsa):
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /home/dgraham/id_rsa.
    Your public key has been saved in /home/dgraham/id_rsa.pub.
    The key fingerprint is:
    8e:4b:e8:d0:38:cf:b9:96:d4:14:a3:dc:77:31:af:32 dgraham@server03
    The key's randomart image is:
    +--[ RSA 2048]----+
    |                            |
    |    o                      |
    |     +                     |
    |    o o                   |
    | . o = .F                |
    |  Eo+.+O              |
    |  ++ooo..              |
    |   *oo .                  |
    |   .*..                     |
    +----------------------+

Now log in to the remote server and make sure the SSH daemon's sshd_config allows public key authentication:

PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys2

While still on the remote server, create the directory in your home directory that will store your public key:

~ $ mkdir .ssh
~ $ chmod 0700 .ssh

Back on your local host, copy your public key to the remote host:

scp ~/.ssh/id_rsa.pub me@remote-server.com:~/.ssh/authorized_keys2

The name and path of the authorized keys file must match the setting in the sshd_config. Now you should be able to log in to your remote server without entering a password - ssh me@remote-server.com.
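The scp command above replaces whatever is already in authorized_keys2, so any keys installed earlier are lost. As an added example (not part of the original post), the shell function below, run on the remote server after copying id_rsa.pub there, appends the key only if it is missing and sets owner-only permissions. The name install_pubkey and its arguments are assumptions made for this illustration.

```shell
# Added example, not from the original post. install_pubkey is a hypothetical helper.
# Usage: install_pubkey <public-key-file> <home-dir> [authorized-keys path relative to home]
# The body runs in a subshell "( ... )" so the umask change and variables stay local.
install_pubkey() (
    pubkey_file=$1
    home_dir=$2
    # Default matches the AuthorizedKeysFile value used in this post.
    rel_path=${3:-.ssh/authorized_keys2}
    auth_file=$home_dir/$rel_path
    ssh_dir=$(dirname "$auth_file")

    key_line=$(cat "$pubkey_file") || exit 1
    # Minimal sanity check, not full key validation: a single line that starts
    # with a known public key type. This rejects a private key passed by mistake.
    case $key_line in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not a public key: $pubkey_file" >&2; exit 1 ;;
    esac
    [ "$(printf '%s\n' "$key_line" | wc -l)" -eq 1 ] || exit 1

    # Anything created from here on is owner-only from the start.
    umask 077
    mkdir -p "$ssh_dir" || exit 1
    touch "$auth_file" || exit 1

    # Append only when this exact line is absent: existing keys survive and
    # running the function twice does not duplicate the entry.
    if ! grep -qxF -- "$key_line" "$auth_file"; then
        printf '%s\n' "$key_line" >> "$auth_file"
    fi

    # With StrictModes (on by default) sshd refuses keys from a file or
    # directory that other users can write to, so tighten both explicitly.
    chmod 700 "$ssh_dir" && chmod 600 "$auth_file"
)
```

If AuthorizedKeysFile in sshd_config names a different file, pass that relative path as the third argument so the two stay in agreement.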

To make things even easier, use an SSH config file to set up an alias for the server. This is especially useful if your username on the remote server is different from that on the local host.

$ cd ~/.ssh
$ vi config

Create an entry for each server:

Host production
    Hostname whatever.com
    HostKeyAlias production
    CheckHostIP no
    Port 22
    User myusername

Now all I need to do is type ssh production and I’m logged in. Using the config file will also provide tab completion of the host alias. Also, if you have multiple public/private key pairs, the config file can be used to specify which file to use with the following line:

IdentityFile ~/.ssh/another_pub.key
