Generating SSH Keys

Generating SSH keys for remote access should be easy. In fact it is, here are the steps:

  1.  # ssh-keygen -t rsa -b 8192

  2. Accept all the defaults at this point and it will store them in your ~/.ssh/ directory as id_rsa (the private key) and id_rsa_pub (the public key).
  3. copy the file to the user and machine  # ssh-copy-id [user]@[host]  taking care to replace [user] and [host].

That really is it, BUT!!! And its a big but: If for some reason you don't have permissions set properly, it will not work.

Make sure that you have permission set as follows:

 # chmod 700 ~/.ssh
 # chmod 600 ~/.ssh/authorized_keys

If it still doesn't work, check permissions on your home directory the default in sshd_config file (look for it if you must) contains a line that says: StrictModes = yes. This means that if you have given access to your home directory to a group, sshd will prevent you from using a publickey login method. There are multiple ways to fix this. One is to not give access to your home directory. If you must, you can change the line to be StrictModes = no. If you are insanely careful (my servers rarely have anyone but me using them), see: http://superuser.com/questions/466114/ssh-and-home-directory-permissions for another option.

SshKeys (last edited 2021-06-17 16:44:26 by scot)