The objective of the generation and export of the SSH keys is the possibility to connect to the server without typing a login / password.

Server

On the server, .ssh directory must be present in home directory of the user used by the client. For instance, if the client use vincent account to the connection to the server :

$ mkdir /home/vincent/.ssh

Client

Two steps are necessary on client side to allow a connection to a distant server with SSH Keys : Generationn, Export.

Generation

You can generate SSH Keys with the following command :

$ ssh-keygen -t rsa 

If have already keys, .ssh directory in your home directory is not empty. (~./ssh/id_rsa.pub exists)

For more security, you can add a passphrase during keys creation with command :

$ ssh-keygen -t rsa -p

Export

There are two ways to export keys to a server :

$ cat ~/.ssh/id_rsa.pub | ssh user@distant_host "cat >> .ssh/authorized_keys"

or

$ ssh-copy-id -i ~/.ssh/id_rsa.pub user@distant_host

Now, you can connect to the server without typing a password :

$ ssh user@distant_host

Change SSH Key passphrase

You can change your ssh passphrase :

$ ssh-keygen -f ~/.ssh/id_rsa -p

Next Post Previous Post