Loading...
 

how to setup ssh keys

This is a short tutorial about generating SSH keys and using the public key in order to circumvent password authorization.
In this process, we create a pair of public and private SSH keys on your computer and copy the public key in the list of authorized keys.

Step 1: Creating  the rsa key pair (private and public keys)

Please use the following list of commands to generate ssh keys. 

$ cd $HOME/.ssh/
$ ssh-keygen

 

Step 2: Store the keys and passphrase

After executing the previous command, you choose a name for your rsa key. (Make sure you are in $HOME/.ssh directrory) 

Generating public/private rsa key pair.
Enter file in which to save the key (/home/kothari/.ssh/id_rsa): icscluster_rsa

Please use some passphrase, ideally, passphrase should contain at least 15-20 characters and it should be difficult to guess.

For more information on the passphrase, please see https://www.ssh.com/ssh/passphrase 

Enter passphrase (empty for no passphrase):

Enter the passphrase again 

Enter same passphrase again:

Now, depending on your passphrase a new ssh identity has been created. 

Your identification has been saved in icscluster_rsa.
Your public key has been saved in icscluster_rsa.pub.
The key fingerprint is:
8f:3d:dc:62:19:47:81:a7:d0:df:2f:da:a0:44:01:4d kothari@icsmaster01
The key's randomart image is:
+--[ RSA 2048]----+
|        .=E..    |
|        . = ..   |
|         . =..   |
|          o.. .  |
|        S.. .  . |
|         =.=. . .|
|        ..O..+ . |
|         ..o. .  |
|                 |
+-----------------+

Now, in your $HOME/.ssh directory you will have a public key icscluster_rsa.pub and a private key icscluster_rsa.

Step 3: Copy the public keys

As the public and private keys are generated, we place the public key on the corresponding server.

This can be done using the following command (assuming .ssh directory exists in your home directory on the server). 

ssh-copy-id -i ~/.ssh/icscluster_rsa.pub my_username@hpc.ics.usi.ch

Here, you have to provide the password, in order to add your public key to list of authorized keys.

If you plan to connect to multiple servers, it is recommended that you use different keys for different servers, and create different ssh keys following steps 1-3.

Make sure, that only the public key is on the server, and the private key is only located on your computer.

Step 4: Create aliases with config file

Now, in order to login on a server, you can use the following command 

$ ssh -i ~/.ssh/icscluster_rsa my_username@hpc.ics.usi.ch

 

If you find this cumbersome to write, you could also create aliases for the ssh using the config file. 

~/.ssh/config

An example of config file can be given as 

# content of $HOME/.ssh/config
Host icscluster 
    HostName hpc.ics.usi.ch               # address of the server 
    IdentityFile ~/.ssh/icscluster_rsa    # private key for icscluster
    User my_username1                     # username
Host example
    HostName example.ch                   # addderss of the server 
    IdentityFile ~/.ssh/example_rsa       # different private key for realname2
    User my_username2                     # username

 

Once this file is set up, you can connect to the servers using 

$ ssh icscluster

 

Show php error messages