[email protected]:~> ssh-keygen -t dsa Generating public/private dsa key pair.
Enter file in which to save the key (/home/justin/.ssh/id_dsa): Enter passphrase (empty for no passphrase): Enter same passphrase again:
Your identification has been saved in /home/justin/.ssh/id_dsa. Your public key has been saved in /home/justin/.ssh/id_dsa.pub. The key fingerprint is:
In this example, we created a key pair using the DSA encryption algorithm. The SSH protocol has two levels, protocol 1 and protocol 2. Protocol 2 is inherently more secure. To make sure you create an SSH v2 key pair, pass either dsa or rsa as the key type with -t on the command line.
Our keys are saved in ~/.ssh/, providing us with a means to copy our public key over to another server so that we can log in. In the case of DSA, our public key is called id_dsa.pub and our private key is called id_dsa.
j f - - p Your private key must be kept private from any other user at all costs, particularly if
„■ *«■'-■ - ,t . you choose not to enter a passphrase.
On the machine on which we want to log in securely, we need to copy our public key over to the file ~/.ssh/authorized_keys (see Listing 15-12). The authorized keys file contains public keys for a specific user that will enable them to log in. Only this user will use the PPK pair; it is not system-wide.
We can do this manually by first copying the public key to the other server and then appending it to the authorized_keys file.
Was this article helpful?