Copying Our Public SSH Key to Another Server

j[email protected]:~> scp ~/.ssh/id_dsa_pub [email protected]:/root/.ssh/ Password:

[email protected]:~> ssh [email protected]

Password:

Last login: Mon Jan 28 16:00:40 2008 from bible Have a lot of fun... [email protected]: /root # cd ~/.ssh [email protected]: /root/.ssh # cat id_dsa.pub >> authorized_keys [email protected]: /root/.ssh # logout

We will talk about the scp (secure copy) command later in the chapter. For now, note that it uses the SSH protocol and an encrypted channel to send files to and from remote servers.

When we have copied over our SSH public key to the file authorized_keys, we can log in to the remote server with our passphrase as opposed to our password, as follows:

[email protected]:~> ssh [email protected]

Enter passphrase for key '/home/justin/.ssh/id_dsa': Last login: Tue Jul 6 04:31:19 2005 from bible.suse.com Have a lot of fun...

Notice this time that we were asked for our passphrase and not a password. The SSH server does not query the user database for our password but accepts the fact that we are trusted because we have a valid public and private key partnership.

If we had not entered a passphrase when we created the key pair, we would have been granted access to the system without any user intervention. Even though it is not as secure as the passphrase or the traditional password system, it proves invaluable when you need to write a script that automatically logs in to a remote server without any user intervention.

- r ■ r j As an alternative to the preceding procedure, you can use the command

MHMfefiAiW^^M: ssh-copy-id to add your public key to a user account on a remote machine. For instance, the command:

ssh-copy-id -i ~/.ssh/id_dsa.pub [email protected] will append my DSA public key to the authorized_keys file in peter's account on the server rabbit. To do this will, of course, require peter's password on rabbit. But once this has been done you will be able to log in to rabbit as user peter without a password (but with a passphrase if your SSH key is protected by one).

Was this article helpful?

0 0

Post a comment