SSH using keys instead of passwords

SSH using keys instead of passwords
Lars Sommer, 2008-01-03, lasg@lasg.dk

You can browse the web for all the reasons and a lot of approaches.
This is a quick summary, to make it work. Actually just a note for myself.

Based on FreeBSD 6.2, but should be usable on almost all unices and likely.

Generate a key pair on the local machine:
ssh-keygen -f .ssh/hostname_rsa
If -f and the filename is omitted, the keys will be id_rsa(.pub).
Though you can use the same key many places, I like to separate them.
Eventually the flags -b which sets bits in the key.
Default is 2048, and much larger than 4096 just makes things slow.
The -t type flag is rsa per default, which is quite sane.

The public key is transmitted to the remote machine:
scp .ssh/hostname_rsa.pub username@hostname:.ssh/authorized_keys2

And connections is made with:
ssh -i .ssh/hostname_rsa username@hostname

To disable password logins on the remote machine:
In /etc/ssh/sshd_config set:
UsePAM no
And restart sshd:
/etc/rc.d/sshd restart

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>