Creating SSH keys

Owned by Gabe Castillo
Oct 05, 2021
2 min read

 

[sio-gcastillo@workstation ~]$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/sio-gcastillo/.ssh/id_rsa): Created directory '/home/sio-gcastillo/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/sio-gcastillo/.ssh/id_rsa. Your public key has been saved in /home/sio-gcastillo/.ssh/id_rsa.pub. The key fingerprint is: SHA256:ufN+gZXovvcnNBFhgwNthreTXISWnCoKLfaqGauz6Pw sio-gcastillo@workstation The key's randomart image is: +---[RSA 3072]----+ | .= *=. | | . &.o. | | . O * . | | + . ..o B . | | . + .So o . . | | o .o . o | | . . o. o . | |+ +. o. o . .| |=*=E .++ ..o | +----[SHA256]-----+

It is highly recommended to put a passphrase on your key.

You now have a public key(id_rsa.pub) & a private key(id_rsa). The public key can be added to a remote system to allow you to access it via ssh in a secure manner. Do NOT share the private key.

You can view the contents of your public key

[sio-gcastillo@gworkstation ~]$ cat ~/.ssh/id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC6J7AHGW7DeOUr2/VMqDPWhdAE4b3yWSInS+WAvwxrJlAkMqaT/lRbLWg3vJ73VTQNgy7YUROYdXtNb3A8RWfBDyE0lJuyJxzkPpqoFd46WUxuDfm5uZAibf7pokuAbPQd0r5A5oOq++WUuRQHFv64V5nk/J0mzbRxedG1uZcFwbYik9VTaH2+Y7C6wWt1dUkllQ7twQ5/5DUtfbZsuGsQDu1pIjtgZxXbwDPi1Vml3SEDD2ylX12ouYzOs4Ed1Vq2y2xM9xzH27Kq7jLqm4WpaDAaWCQFFobai4gwSf+06yO55W90/YOdR44ItOUC6mwxygxoRc+fIsCvX7HomYl5i+weJWzgniu0w/qQvZQcCSrWSNFH6SJwSeWC6rAsjahK41kwWfU5GSxqhNovY+sn2PJaoqfEjY4Nz2JSmiO6DFhvo5x0veF4/RIFUjfN/iC8otG59VEsbvHBQ1kRJUtEXZd5CPKH/xZz+eY12AEWWRkNSW2WCzWYImat8d68i2M= sio-gcastillo@workstation

 

To use this key we’ll want to get it added to the target system. There is a script that comes with many ssh clients to help with this, ssh-copy-id :

$ ssh-copy-id sio-gcastillo@geo-new.ucsd.edu /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys Password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'sio-gcastillo@geo-new.ucsd.edu'" and check to make sure that only the key(s) you wanted were added.

This can also be achieved manually by copy-pasting the public key and appending it to ~/.ssh/authorized_keys

 

You can login using the key. It can sometimes be helpful to tweak the SSH client configuration in your home directory, ~/.ssh/config