Redhat:ssh setup keys

From Define Wiki
Revision as of 08:40, 27 August 2013 by Michael (talk | contribs) (Created page with "== Public / Private Key Pair == A public / Private key pair can be used for authentication for accessing a remote system. The private key is kept by the user. The public key...")

Public / Private Key Pair

A public / private key pair can be used for authentication when accessing a remote system. The private key is kept by the user. The public key is copied to the remote systems that are to be accessed through ssh.

When a user accesses the system through ssh, the system checks for the matching public key. If it is found, the system grants access without asking for a password.

The private key must be kept secure, as a cracker who obtains it could access the system without authorization.

Create a key pair

To create a key pair, use the ssh-keygen command. It asks where to store the keys, prompts for an optional passphrase, and warns you if you are about to overwrite an existing key.

It allows you to create two types of keys: RSA and DSA. An RSA key also has the option to set the number of bits used for the key.

ssh-keygen -t rsa          # Create an RSA key
ssh-keygen -t rsa -b 8192  # Create an RSA key with 8192 bits
ssh-keygen -t dsa          # Create a DSA key

Generating public/private rsa key pair.
Created directory '/home/michael2/.ssh'.
Your identification has been saved in /home/michael2/.ssh/id_rsa.
Your public key has been saved in /home/michael2/.ssh/id_rsa.pub.
The key fingerprint is:
5c:28:7d:6d:7f:9c:61:f1:d8:17:19:40:aa:4b:8b:cf michael2@head
The key's randomart image is:
+--[ RSA 2048]----+
|            .o.+o|
|       . . ..  ++|
|      . o o.o .o+|
|       o o.. ...+|
|        So    ..o|
|        o o    . |
|       . o       |
|        o        |
|         E       |
+-----------------+

Copy the key to a remote system

The public key can be copied to the remote system manually. This is a more secure method, as the key is not transmitted over the network.

The ssh-copy-id command can also be used:

ssh-copy-id -i .ssh/id_rsa.pub michael@head.boston.co.uk
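
For the manual route described above, the public key still has to end up in ~/.ssh/authorized_keys on the remote system, with permissions that sshd will accept. The following is an added example, not part of the original wiki page; the function name install_pubkey and its arguments are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: install a manually transferred public key on the remote host.
# Usage (on the remote host): install_pubkey /path/to/id_rsa.pub [HOME_DIR]
# Returns 0 on success, 1 if the input is rejected or a file operation fails.
install_pubkey() {
    pub=$1
    home=${2:-$HOME}            # HOME_DIR is a hypothetical override for testing
    dir=$home/.ssh
    auth=$dir/authorized_keys

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }

    # Refuse a private key: only the .pub half belongs on the remote system.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "$pub looks like a private key, not installing" >&2
        return 1
    fi

    # Accept only a one-line RSA or DSA public key (the two types on this page).
    key=$(grep -E '^ssh-(rsa|dss) [A-Za-z0-9+/=]+( .*)?$' "$pub" | head -n 1)
    [ -n "$key" ] || { echo "no RSA/DSA public key in $pub" >&2; return 1; }

    # With StrictModes (the sshd default), keys are ignored when ~/.ssh or
    # authorized_keys is writable by group or others, so set tight modes.
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # Append only if this exact line is not already present (idempotent).
    if ! grep -qxF -- "$key" "$auth"; then
        printf '%s\n' "$key" >> "$auth"
    fi
    return 0
}
```

Running it twice with the same key leaves a single entry in authorized_keys, and passing the private key file by mistake is rejected before anything is written.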