I just set this up and it works like a charm. However, I imagine that I won’t be doing this every day, so I am writing this note to my future self.
How logging in on a remote server using an SSH key works (intuition)
This is sort of my non-expert, but technically viable understanding of how all of this magic works.
- Create a pair of keys using the command ssh-keygen – one public key, and one private key.
- Upload the public key (which can be used to confirm the identity of something generated using the private key, I believe) to the server (each user has a ~/.ssh/authorized_keys on the server).
- Make sure the .ssh directory on the server is only readable by your user.
- Make sure the directory where you store your key pair on your local computer is also only readable by you.
- When logging in, point ssh to use your private key, for the correct user on the remote server.
Commands
Create your ssh key pair using
ssh-keygen -t rsa -b 2048 -f ~/.ssh/id_rsa -C "Enter an optional comment about your key"
You can use a name other than id_rsa. A public companion with the suffix .pub will also be created. You do not have to enter a passphrase, e.g. when using the key via a script.
Protect your local .ssh directory using the following:
chmod 700 ~/.ssh && chmod 600 ~/.ssh/*
Upload the public key via ssh:
cat ~/.ssh/id_rsa.pub | ssh user@remote-server.com 'cat - >> ~/.ssh/authorized_keys'
Protect the .ssh directory on your remote server (remote shell) using:
chmod 600 ~/.ssh/authorized_keys && chmod 700 ~/.ssh/
Log in using
ssh -i ~/.ssh/id_rsa user@remote-server.com
where id_rsa is your private key.
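To re-check later that the permissions set with chmod above are still in place, here is an added example that is not part of the original note. The function names check_ssh_perms and owner_only are made up for this example; it flags the .ssh directory, authorized_keys and any private key file that grants access to group or others.

```shell
#!/bin/sh
# Added example: audit the permissions the note sets with chmod 700 / chmod 600.
# check_ssh_perms and owner_only are hypothetical helper names, not OpenSSH tools.
# Usage: check_ssh_perms            (audits ~/.ssh)
#        check_ssh_perms /some/dir  (audits another directory)

# Succeeds when the path grants nothing to group or others.
# Characters 5-10 of the `ls -ld` mode string are the group/other bits.
owner_only() {
    [ "$(ls -ldL "$1" | cut -c5-10)" = "------" ]
}

# Prints one line per finding; the return status is the number of findings.
check_ssh_perms() {
    dir=${1:-$HOME/.ssh}
    findings=0
    if [ ! -d "$dir" ]; then
        echo "MISSING  $dir"
        return 1
    fi
    if ! owner_only "$dir"; then
        echo "TOO OPEN $dir (expected 700)"
        findings=$((findings + 1))
    fi
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        sensitive=no
        # authorized_keys decides who may log in as this user.
        if [ "$(basename "$f")" = authorized_keys ]; then
            sensitive=yes
        fi
        # Private keys are recognised by their PEM header, whatever the file name.
        if head -n 1 "$f" 2>/dev/null | grep -q 'PRIVATE KEY-----'; then
            sensitive=yes
        fi
        if [ "$sensitive" = yes ] && ! owner_only "$f"; then
            echo "TOO OPEN $f (expected 600)"
            findings=$((findings + 1))
        fi
    done
    return "$findings"
}
```

Run it once on the local machine and once in a shell on the remote server; a return status of 0 means nothing was flagged.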