INFO-TECH

SSH uses a public key cryptosystem. That means that, among other things, it can present a secret signed with your secret key, which anyone can decrypt with your public key, in order to verify that you are really who you say you are, assuming no one has stolen your private key.

There are two main ways of setting up ssh authentication in such a way that you do not have to enter a password or passphrase to log into machines, but without sacrificing security overmuch. You can set up ssh keys without a passphrase, or you can set up ssh keys with a passphrase and then use ssh agent to enter your passphrase automatically. What we're doing below, is generating a public+privatekeypair, and then adding the public key to a file that lists public keys that are allowed to ssh into the account the key is added to.

1. srchost> cd .ssh
2. srchost>ssh-keygen –t rsa

3. srchost> # when ssh-keygen asks for a passphrase, just hit enter.

4. srchost>scp id_rsa.pub remote:/tmp/id_rsa.pub

5. dsthost> cd .ssh

6. dsthost> cat id_rsa.pub >authorized_keys