SSH keys allow data to move between two Linux servers without first prompting for a login. This is useful if you want to automate tasks but don’t want to pass a username and password. It is also safer than storing a password in a file and calling that file from a script. Keep in mind that it is much more secure to use a passphrase when setting up these keys.
- SSH to the two Linux machines, Space and Needle.
- On each machine, type ssh somemachine.example.com and make a connection with your regular password. This will create a .ssh directory in your home directory with the proper permissions.
- You may access this directory by typing:
- On your primary server where you want your secret keys to live (let’s say Space), type:
ssh-keygen -t dsa
- This will prompt you for a secret passphrase. If this is your primary identity key, make sure to use a good passphrase. If this works right you will get two files called id_dsa and id_dsa.pub in your .ssh dir. Note: it is possible to just press the enter key when prompted for a passphrase, which will make a key with no passphrase. This is a bad idea for an identity key, so don’t do it! See below for uses of keys without passphrases.
- Copy the id_dsa.pub file to the other host’s .ssh dir with the name authorized_keys2. Note that scp replaces any authorized_keys2 file that already exists on Needle.
scp ~/.ssh/id_dsa.pub Needle:.ssh/authorized_keys2
- Now Needle is ready to accept your ssh key. How do you tell it which keys to use? The ssh-add command will do it. For a test, type:
ssh-agent sh -c 'ssh-add < /dev/null && bash'
- That command will start the ssh-agent, add your default identity (prompting you for your passphrase), and spawn a bash shell.
- From this new shell you should be able to:
cd ~/.ssh/
ssh Needle
This should let you in without typing a password or passphrase. Hooray! You can ssh and scp all you want from this bash shell and not have to type any password or passphrase.
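
An added example, not part of the original page: a shell check to run against the .ssh directory on Space or Needle after the steps above. It verifies the permissions the procedure relies on and flags DSA keys (disabled by default since OpenSSH 7.0) and the legacy authorized_keys2 file name. The function names and finding labels are made up for this example.

```shell
#!/bin/sh
# Added example: audit an .ssh directory after the key setup described above.

# First 10 characters of the ls mode string, e.g. "drwx------".
mode_of() { ls -ld "$1" | cut -c1-10; }

# True when the mode string in $1 grants write access to group or others.
loose_write() { case $1 in ?????w*|????????w*) return 0 ;; esac; return 1; }

# Print one finding per line for directory $1; return 1 if anything was found.
audit_ssh_dir() {
    dir=$1
    found=0
    # With StrictModes (the sshd default), a group- or world-writable .ssh
    # directory or authorized_keys file makes sshd ignore the keys.
    if loose_write "$(mode_of "$dir")"; then
        echo "WRITABLE_DIR"; found=1
    fi
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        name=${f##*/}
        case $name in authorized_keys|authorized_keys2)
            if loose_write "$(mode_of "$f")"; then
                echo "WRITABLE_AUTHKEYS $name"; found=1
            fi
            if [ "$name" = authorized_keys2 ]; then
                echo "LEGACY_NAME $name"; found=1
            fi
            # Count DSA entries; the key type may follow an options field.
            n=$(grep -cE '(^|[[:space:]])ssh-dss[[:space:]]' "$f" || true)
            if [ "$n" -gt 0 ]; then
                echo "DSA_KEY $name ($n entries)"; found=1
            fi ;;
        esac
        # A private key must carry no group or other permission bits.
        if head -n 1 "$f" | grep -q 'PRIVATE KEY-----'; then
            case $(mode_of "$f") in
                ????------) ;;
                *) echo "LOOSE_PRIVATE_KEY $name"; found=1 ;;
            esac
        fi
    done
    return "$found"
}

# Stand-alone use: sh audit.sh ~/.ssh
if [ "$#" -gt 0 ]; then audit_ssh_dir "$1"; fi
```

An empty result with exit status 0 means none of these checks fired; it does not tell you whether a private key has a passphrase.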