Generating and Using Keys

In most cases, you will want to generate SSH keys for your own accounts and perhaps your root account. Use ssh-keygen for this. A reference for the needed commands appears at the end of this section (the short of it is: run ssh-keygen -t dsa and press the Enter key at all the prompts). This key allows password-less remote logins, as long as PubkeyAuthentication is enabled in the server configuration file.

In ~/.ssh/id_dsa.pub you can find the public key you’ve generated through ssh-keygen. You need to transport this key to the remote machine. Because it’s a public key, it does not need to be secure. On the remote machine, put the key at the end of ~/.ssh/authorized_keys2. Once the key is in that file, all users who have the private-key counterpart will be able to log in to that remote account without a password.

Get LPI Linux Certification in a Nutshell, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.