Configure SSH

De Organic Design
Procedure.svg Configure SSH
Organic Design procedure

To set up key-based login, first create a pub/private key combo, enter a password which is used to restrict access to the private key.

ssh-keygen -t rsa

That will create the files (id_rsa and in your ~/.ssh folder. You then copy the pub one to a file called authorized_keys in your ~/.ssh folder (and be sure to set the mode of the authorized_keys to 644!) in any machines you want to log in to without using password.

You may need to adjust your /etc/ssh/sshd_config to allow it by setting RSAAuthentication and PubkeyAuthentication to yes and also check that the file it expects the pub key to be in is indeed ~/.ssh/authorized_keys in the AuthorizedKeysFile setting.

You can also prevent password login if you like as key-based login is stronger, just set the PasswordAuthentication setting to no.

Adding or removing the password on your private key

If your private key has no password on it, you can create a new copy of the key that has a password like this:

openssl rsa -des3 -in ~/.ssh/id_rsa -out your.encrypted.key

To remove the password (which you can do if you want to add a different password afterwards) use this command:

openssl rsa -in ~/.ssh/id_rsa -out

See also