This is a short tutorial about generating SSH keys and using the public key in order to circumvent password authorization.
In this process, we create a pair of public and private SSH keys on your computer and copy the public key in the list of authorized keys.
Please use the following list of commands to generate ssh keys.
$ cd $HOME/.ssh/ $ ssh-keygen
After executing the previous command, you choose a name for your rsa key. (Make sure you are in $HOME/.ssh directrory)
Generating public/private rsa key pair. Enter file in which to save the key (/home/kothari/.ssh/id_rsa): icscluster_rsa
Please use some passphrase, ideally, passphrase should contain at least 15-20 characters and it should be difficult to guess.
For more information on the passphrase, please see https://www.ssh.com/ssh/passphrase
Enter passphrase (empty for no passphrase):
Enter the passphrase again
Enter same passphrase again:
Now, depending on your passphrase a new ssh identity has been created.
Your identification has been saved in icscluster_rsa. Your public key has been saved in icscluster_rsa.pub. The key fingerprint is: 8f:3d:dc:62:19:47:81:a7:d0:df:2f:da:a0:44:01:4d kothari@icsmaster01 The key's randomart image is: +--[ RSA 2048]----+ | .=E.. | | . = .. | | . =.. | | o.. . | | S.. . . | | =.=. . .| | ..O..+ . | | ..o. . | | | +-----------------+
Now, in your $HOME/.ssh directory you will have a public key icscluster_rsa.pub and a private key icscluster_rsa.
As the public and private keys are generated, we place the public key on the corresponding server.
This can be done using the following command (assuming .ssh directory exists in your home directory on the server).
ssh-copy-id -i ~/.ssh/icscluster_rsa.pub email@example.com
Here, you have to provide the password, in order to add your public key to list of authorized keys.
If you plan to connect to multiple servers, it is recommended that you use different keys for different servers, and create different ssh keys following steps 1-3.
Make sure, that only the public key is on the server, and the private key is only located on your computer.
Now, in order to login on a server, you can use the following command
$ ssh -i ~/.ssh/icscluster_rsa firstname.lastname@example.org
If you find this cumbersome to write, you could also create aliases for the ssh using the config file.
An example of config file can be given as
# content of $HOME/.ssh/config Host icscluster HostName hpc.ics.usi.ch # address of the server IdentityFile ~/.ssh/icscluster_rsa # private key for icscluster User my_username1 # username Host example HostName example.ch # addderss of the server IdentityFile ~/.ssh/example_rsa # different private key for realname2 User my_username2 # username
Once this file is set up, you can connect to the servers using
$ ssh icscluster