Thursday, November 13, 2014

How to generate ssh rsa keys

Ssh keys are used to login into linux server securely, and it is more secure than using password. To use it, just put the public key in the server that you want to access to, and connect to that server using a machine that has your private key. To increase the security even more, you can even set passphrase for the private key during the generation process. To generate the keys:

To generate the rsa key in the client machine (usually it is your own machine), run below command:

 
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/foo/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/foo/.ssh/id_rsa.
Your public key has been saved in /home/foo/.ssh/id_rsa.pub.
The key fingerprint is:
4a:dd:0a:c6:35:4e:3f:ed:27:38:8c:74:44:4d:93:67 foo@bar
The key's randomart image is:
+--[ RSA 2048]----+
|          .oo.   |
|         .  o.E  |
|        + .  o   |
|     . = = .     |
|      = S = .    |
|     o + = +     |
|      . o + o .  |
|           . o   |
|                 |
+-----------------+

 For the location to save key, you can press Enter to save to the default location, which is /home/foo/.ssh where foo is the user we use to generate the key. id_rsa is your private key, and id_rsa.pub is your public key

$ ls .ssh/
id_rsa  id_rsa.pub

For the passphrase, you can opt to omit it, but it will reduce the security level of the key pair, since anyone who get your private key can use it to access all the servers that contain your private key. The advantage is, you can do passwordless access.

The final thing to do is to copy the public key to the servers that you want to access, and you are done.