SSH Keys et al

From packets2photons

This page will walk you through:

  • Installing and running OpenSSH
  • Generating public and private keys for passwordless logins
  • Scripting logins to multiple servers simultaneously

Installing and running OpenSSH-server

Start by ensuring that the machine you are trying to ssh into has the OpenSSH server installed. In Ubuntu:

sudo apt install openssh-server

In Arch:

sudo pacman -S openssh

You can check whether it is running with:

sudo systemctl status sshd

If you want it to start at boot, enable it with:

sudo systemctl enable sshd

If it is not running, you can start it with:

sudo systemctl start sshd

Creating and installing the keys

To create the keypair, run:

ssh-keygen -t rsa

Then cd into ~/.ssh and examine the two files created:

cd ~/.ssh
ls -la

You should see that you have created two files, id_rsa and id_rsa.pub. The id_rsa file is your private key and id_rsa.pub is your public key. I generally use scp to transfer the public key to another machine.

The text found within id_rsa.pub should be appended to the file .ssh/authorized_keys on the other machine. After performing this operation, you should be able to log in from the machine that ran ssh-keygen (which holds the private key) to the machine that received the public key. Put your public key on any machine that you would like to log into without a password.
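What the append step has to get right on the machine you want to log into, as an added example that is not part of the original page: it refuses a private key, keeps the permissions sshd expects, and does not add the same key twice. The function name install_pubkey, its two arguments and the sample key text are assumptions made for the illustration.

```bash
#!/bin/bash
# Added example (not from the original page). install_pubkey and its
# arguments are hypothetical names: install_pubkey PUBKEY_FILE TARGET_HOME
install_pubkey() {
    local pub="$1" home="$2" line
    local ssh_dir="$home/.ssh" auth="$home/.ssh/authorized_keys"

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }

    # Never ship the private half (id_rsa) by mistake.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "refusing: $pub is a private key" >&2
        return 2
    fi

    # A public key is a single line: "<type> <base64> [comment]".
    line=$(head -n 1 "$pub")
    case "$line" in
        ssh-rsa\ AAAA*|ssh-ed25519\ AAAA*|ecdsa-sha2-*\ AAAA*) ;;
        *) echo "refusing: $pub is not an OpenSSH public key" >&2; return 3 ;;
    esac

    # sshd's StrictModes (on by default) rejects key files that other
    # users could write to, so lock the directory and file down.
    mkdir -p "$ssh_dir"
    chmod 700 "$ssh_dir"
    touch "$auth"
    chmod 600 "$auth"

    # Make sure an existing file ends in a newline so keys do not run together.
    if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then
        echo >> "$auth"
    fi

    # Append only when this exact line is not already authorised.
    if ! grep -qxF -- "$line" "$auth"; then
        printf '%s\n' "$line" >> "$auth"
    fi
}

# Demo on constructed input: a temp directory stands in for the remote home,
# and the key material below is a made-up sample, not a real key.
demo=$(mktemp -d)
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABSAMPLEONLY user@laptop' > "$demo/id_rsa.pub"
install_pubkey "$demo/id_rsa.pub" "$demo/home"
ls -la "$demo/home/.ssh"
rm -rf "$demo"
```

On a real server the second argument would be the home directory of the account you log into; the ssh-copy-id tool that ships with OpenSSH performs the same append over an SSH connection.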

Adding a hosts entry

If you log into a machine frequently, and that machine has a static IP address, I would also add an entry to /etc/hosts. Simply open the file:

sudo vim /etc/hosts

And add a line to the end, substituting an IP address and name that are relevant for you:

111.111.111.111 internet-server

After this, the following line should log you into your server without a password:

ssh internet-server

Logging into many servers

If you regularly log into multiple servers simultaneously, create a bash script file and give it execute permissions, which is what I usually do. You can adapt the sample content below:

 #!/bin/bash
 # Open one terminal window per server; "--" replaces the deprecated -x option.
 gnome-terminal -- ssh pi@internet-server1
 gnome-terminal -- ssh pi@internet-server2
 gnome-terminal -- ssh pi@internet-server3
 gnome-terminal -- ssh pi@internet-server4