Add SSH Keys To A New Remote Server
If you haven’t create a public/private key pair, do that first.
$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/dgraham/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/dgraham/id_rsa. Your public key has been saved in /home/dgraham/id_rsa.pub. The key fingerprint is: 8e:4b:e8:d0:38:cf:b9:96:d4:14:a3:dc:77:31:af:32 dgraham@server03 The key's randomart image is: +--[ RSA 2048]----+ | | | o | | + | | o o | | . o = .F | | Eo+.+O | | ++ooo.. | | *oo . | | .*.. | +----------------------+
Now log in to the remote server and make sure the SSH daemon is configured to allow public key authentication:
PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys2
While still on the remote server create the directory to store you public key in your home directory:
~ $ mkdir .ssh ~ $ chmod 0700 .ssh
Back on you localhost, copy your public key to the remote host:
scp ~/.ssh/id_rsa.pub firstname.lastname@example.org:~/.ssh/authorized_keys2
The name and path of the authorized keys file must match the setting in the sshd_config. Now you should be able to log in to your remote server without entering a password - ssh email@example.com.
To make things even easier use a SSH config file to set up an alias for the server. This is especially useful if your username on the remote server is different from that on the local host.
$ cd ~/.ssh $ vi config
Create an entry for each server:
Host production Hostname whatever.com HostKeyAlias production CheckHostIP no Port 22 User myusername
Now all I need to do is type ssh production and I’m logged in. Using the config file will also provide tab completion of the host alias. Also, if you have multiple public/private key pairs the config file can be used to specify which file to use with the following line: