Home / server / Questions / 73289
Accepted
Libyano
Asked: 2009-10-11 12:30:04 +0800 CST

How to make connection between two computers using ssh-keygen

  • 772

I want to use rsync command between two computers and both of them have RedHat 5.3 , when I googled for way to make that, I discovered that I have to make public key between them to not prompt password when I use rsync command. What is the best way to get a public key and make rsync work perfectly.

Note: I followed many tutorials and I did not find authorized_keys (under /root/.ssh/). I found known hosts file.

linux

4 Answers

  1. Best Answer

    A public/private keypair needs to be created on the machine you want to connect from then the public key needs to be copied to the machine you want to connect to. For this explaination lets call the machine you want to connect from local and the machine you want to connect to remote.

    Step 1 - Generate the keypair on local

    > ssh-keygen -t dsa

    This command will create id_dsa and id_dsa.pub in your home folder, i.e. ~/.ssh/id_dsa and ~/.ssh/id_dsa.pub

    Step 2 - Add the public key to the authorized_keys file on the machine you want to connect to.

    1. copy the contents of ~/.ssh/id_dsa.pub on local to your clipboard
    2. open an ssh session to remote

    local> ssh user@remote

    1. open the authorized_keys file for editing, creating if it does not exist

    remote> vi ~/.ssh/authorized_keys

    1. If the file is empty, press i then paste your clipboard contents into the file. If the file has entries use the arrow keys to navigate to the bottom, then press i and paste the contents of your clipboard.
    2. save the file by typing :wq
    3. change the permissions on the authorized_keys file

      remote> chmod 600 ~/.ssh/authorized_keys

    You should now be able to connect to the remote machine using the key.

    local> ssh user@remote
    • 5

  2. When you want to use ssh with keys, the first thing that you will need is a key.
    creating key using dsa encryption (or replace dsa by rsa for rsa encryption) 

    
$ ssh-keygen -t dsa
    When asked for a "passphrase", we won't enter one. Just press enter twice. The ssh-keygen program will now generate both your public and your private key, by default, your keys are stored in the .ssh/ directory in your home directory.

    To be able to log in to remote systems using your pair of keys, you will first have to add your public key on the remote server to the authorized_keys file file in the .ssh/ directory in your home directory on the remote machine. 

    
$ cd ~/.ssh; scp id_dsa.pub username@target:./id_dsa.pub
$ ssh username@target 
$ mkdir ~/.ssh; chmod 700 ~/.ssh
$ cat id_dsa.pub >> ~/.ssh/authorized_keys
$ chmod 600 ~/.ssh/authorized_keys
$ rm -fr id_dsa.pub
    You can now ssh to the remote systems's account without the use of a password.

    • 0

  3. Since this is such a common task, I created a shell script to handle it for me. This will create the local SSH key pair if it doesn't already exist, then copy it to the remote machine.

    #!/bin/bash

keytype="rsa"
while getopts "t:" opt; do
    case $opt in
        "t")
            keytype=$OPTARG;;
    esac
done
shift $(($OPTIND - 1))

if [[ $# != 1 ]]; then
    echo "Usage: $0 [-t rsa|dsa] [user]@host"
    exit
fi

KEYFILE=~/.ssh/id_$keytype
AUTHFILE=.ssh/authorized_keys

if [[ ! -e $KEYFILE ]]; then
    echo "Creating key..."
    ssh-keygen -t $keytype -f $KEYFILE
fi
if [[ -e $KEYFILE ]]; then
    echo "Logging in..."
    ssh $1 "[[ -d .ssh ]] || mkdir .ssh && [[ -e $AUTHFILE ]] || touch $AUTHFILE && chmod 0600 $AUTHFILE && cat - >> $AUTHFILE" < $KEYFILE.pub
fi

    The last ssh command could be replaced with ssh-copy-id. I didn't do that because I wrote the program before I found out about ssh-copy-id and it's always worked well enough for me.

    • 0

  4. When not using port 22 for ssh, change this line: ssh $1 "[[ -d .ssh ]]... to ssh '-p 3433' $1 "[[ -d .ssh ]]... (substitute 3433 for your ssh port id)

    Great script!

    Cheers, py

    • 0