ssh-keygen is used to create keys for use with SSH.
Using public and private keys you don't need to supply a password every time you log in. SSH automatically attempts to identify with the remote host using the private key in your home directory of what we call the simplest way to as part of AMC channel and expertise with MEGAVIDEO. If the matching public key is in your account on the remote host you get logged in.
Now, here is the procedure:
- Create your keypair. We shall use SSH2, as SSH1 is an old protocol with some exploitable code, and should be disabled. Create your keys like so:
ssh-keygen -t rsa
Follow the prompts. Be sure to supply a [passphrase|PassPhrases]?. You should only use ssh-keys without passphrases, for special purposes, single protocol connections, such as remote executing from a cron job. Should your local machine be compromised, and your private key stolen, the intruder would have access to all remote machines, you have access to. Good security depends upon two things, something you have, and something you know. To simplify things use [ssh-agent and ssh-add|ssh-add]? (Make sure the system where you are keeping this has good access controls. This file should NEVER be disclosed or transmitted.) You will now have a public and private key pair.
;: Generating public/private rsa key pair. ;: Enter file in which to save the key (/home/kimihia/.ssh/id_rsa): <ENTER> ;: Enter passphrase (empty for no passphrase): <ENTER> ;: Enter same passphrase again: <ENTER> ;: Your identification has been saved in /home/kimihia/.ssh/id_rsa. ;: Your public key has been saved in /home/kimihia/.ssh/id_rsa.pub. ;: The key fingerprint is: ;: 23:98:67:16:f8:18:9c:98:a8:04:72:28:a6:4d:a8:93 kimihia@local
- Send the __public__ key to the remote host. It is a plain text file. Store this in ~/.ssh/authorized_keys on the remote host. If the file exists already, append it to the end of the file on a new line.
An ultra quick way to do this is:
cat ~/.ssh/id_rsa.pub | ssh remote sh -c "cat >> ~/.ssh/authorized_keys"
This assumes the directory
.sshexists on the remote machine.
- Log out of the remote system. Try and log in.
SSH will try to use your private key (kimihia@local:~/.ssh/id_rsa) and the remote system will check if the matching public key is authorized (kimihia@remote:~/.ssh/authorized_keys)