Search This Blog

Friday, August 8, 2008

SSH Public key based authentication - Howto

This howto covers generating and using ssh keys for automated:

a) Login

b) Make backups

c) Run commands from shell etc

Task: Generating ssh keys

1) Log on to your workstation ( for example log on to workstation called as vivek user). Please refer the following sample setup - You will be log in, on

2) Create the Cryptographic Key on FreeBSD workstation, enter:

$ ssh-keygen -t rsa

Assign the pass phrase (press [enter] key twice if you don't want a passphrase). It will create 2 files in ~/.ssh directory as follows:

  • ~/.ssh/id_rsa : identification (private) key
  • ~/.ssh/ : public key

3) Use scp to copy the (public key) to server as authorized_keys2 file, this is know as Installing the public key to server.

$ scp .ssh/

4) From FreeBSD workstation login to server:

$ ssh

5) Changing the pass-phrase on workstation (if needed):

$ ssh-keygen -p

6) Use of ssh-agent to avoid continues pass-phrase typing At freebsd workstation type:

$ ssh-agent $BASH
$ ssh-add

Type your pass-phrase

From here, whenever connecting to server it won’t ask for password. Above two commands can be added to ~/.bash_profile so that as soon as I login into workstation I can set the agent.

7) Deleting the keys hold by ssh-agent

a) To delete all keys

$ ssh-add -D 

b) To delete specific key

$ ssh-add -d key

c) To list keys

$ ssh-add -l

No comments: