How to use ssh keys

From XMission Wiki
Revision as of 10:09, 4 March 2013 by Jab (talk | contribs)
Jump to: navigation, search

Setting up public key authentication over SSH

SSH Keys server as a means of identifying yourself to a Secure Shell (SSH) server using public-key cryptography and challenge-response authentication.

  • An SSH key is made up of two seperate keys -
    • A Private Key - which should be only known to you and be kept private.
    • A Public Key - which can be shared freely with any SSH server.
  • Advantages of using SSH Keys
    • Your password is never sent over the network
    • You can connect to multiple servers without having to remember to enter your password for each attempt.
  • Below we will take you though some of the basic step of creating SSH keys.

Linux

  • ssh-keygen - is the tool you will use to generate an SSH key pair in Linux

$ ssh-keygen -t <type>

  • The -t option will allow you to specify the type of encryption to use while creating the key pair. Here are your choices...
    • DSA - 1024 bit algorithm
    • RSA - 2048 - 4096 bit algorithm (recommended)
    • ECDSA - Elliptic Curve Digital Signature Algorithm that provides smaller key sizes and faster operations.
  • To create an SSH key that uses RSA you would type the following ...

$ssh-keygen -t rsa

  • You will be prompted for some information

Enter the file in which to save the key (/user/.ssh/id_rsa):

  • You can just press enter here as it will save to your home space in a directory called .ssh

Enter passphrase (empty for no passphrase):

  • Entering in a passphrase will give you more security - however if your overall goal is to not have to enter a password everytime you ssh to a server then you do not need to enter a passphrase.
  • The entire process will look something like this
ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save teh key (/user/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /user/.ssh/id_rsa.
Your public key has been saved in /user/.ssh/id_rsa.pub.
The key fingerprint is:
e7:38:47:65:25:71:ff:1c:ee:e4:a8:37:31:0d:58:80 user@server
The key's randomart image is:
+--[ RSA 2048]----+
|          ..+.o  |
|         E   = . |
|            =  ..|
|           + ...o|
|        S o   ooo|
|         =   o=. |
|        o o  .oo |
|         o  .o   |
|           .. .  |
+-----------------+


Windows

Mac