DCSC logo
+Open all         -Close all

Using ssh keys and ssh config files

When you access the same computer a lot of times using ssh it is nice to be able to do this without requiring you to enter a password all the time - ssh keys can be used to do this.

In the following, mylaptop is the name of the local machine (your laptop) while fe.dcsc.sdu.dk is the name of the remote computer.

Everything should be done in a terminal window.

SSH keys

  1. Generate a ssh-key using ssh-keygen. Choose the default filename, and a nice password: peter@mylaptop:~$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/Users/peter/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /Users/peter/.ssh/id_rsa. Your public key has been saved in /Users/peter/.ssh/id_rsa.pub. The key fingerprint is: 49:f1:cc:55:60:40:9e:43:53:0b:6d:0f:31:71:35:9d peter@mylaptop The key's randomart image is: +--[ RSA 2048]----+ |        ..*+O=oo+| |         B *++ Eo| |        . B..o   | |       . . .  .  | |        S        | |                 | |                 | |                 | |                 | +-----------------+
  2. Copy the public file to the remote computer: peter@mylaptop:~$ scp ~/.ssh/id_rsa.pub ph@fe.dcsc.sdu.dk: ... id_rsa.pub                       100%  440     0.4KB/s   00:00
  3. Next, login to the remote host, and copy the public key file to the right place (~/.ssh/authorized_keys) peter@mylaptop:~$ ssh ph@fe.dcsc.sdu.dk ... ph@fe:~$ mkdir .ssh ph@fe:~$ mv id_rsa.pub .ssh/authorized_keys
  4. If you use other remote computers, you should only repeat step two and three for each of these.

SSH configuration

You can use the file ~/.ssh/config to setup parameters for ssh that you otherwise must enter at each login. This is done on the client (your laptop).

Basically you create a section per remote computer. The special Host * section will match any computer, i.e., using the following, ph is the default username ssh should use.

# # Contents of ~/.ssh/config # Host fe Hostname fe.dcsc.sdu.dk Host fe8 Hostname fe8.dcsc.sdu.dk Host france Hostname other.computer.in.france.fr User pierre # Entries in "Host *" are used as default values # - unless something else is specified above Host * User ph ForwardX11 yes

With the above file in place, you can now simply use peter@mylaptop:~$ ssh fe instead of peter@mylaptop:~$ ssh -Y ph@fe.dcsc.sdu.dk