Setting up the ssh client for using public key authentication is pretty easy. But I remember before I knew how to do it I had to look it up all the time whenever I wanted to set up a machine. Now it’s become second nature so I am going to show you how it’s done.
For Linux/Unix/Mac OS X users:
Open up a terminal window and type the following.
cd ~/.ssh
ssh-keygen -t rsa
It will then prompt you with something like this:
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa): <-- I just press enter here
Enter passphrase (empty for no passphrase): <-- I usually put in a password
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
9d:27:2f:d5:6f:31:a3:fc:8f:f2:10:76:6e:bc:aa:88 user@localhost.localdomain
Now that you have a public and private key pair you need to upload your public key to the server you want to connect to.
scp ~/.ssh/id_rsa.pub user@host:.
Once you do that you need to log in to the remote machine and append the contents of your public key to the user's authorized_keys file.
cat ~/id_rsa.pub >> .ssh/authorized_keys
If there is no .ssh directory, create it first:
mkdir .ssh
chmod 700 .ssh
If there wasn’t an authorized_keys file before, make sure to modify the permissions (this only needs to be done if you are using strict permissions, the StrictModes option, in /etc/ssh/sshd_config):
chmod 600 .ssh/authorized_keys
That is all you have to do from the client side on a Linux/Unix/Mac OS X machine. Now let's look at the Windows way of doing things. I have done this with both XP and Vista before, so it should work the same way on both, as far as I can remember.
For Windows XP/Vista Users:
Windows doesn’t come with an ssh client, unlike the other operating systems, so you must download a client in order to use ssh. Luckily there is PuTTY! If you click on the very top download it should only take a minute since it is a very lightweight application. While you are there you are going to need PuTTYgen as well.
Now for the part that sucks for me… having to take screen shots, optimize the images, upload them and paste them. All the while supplying you with step by step instructions. Seriously I give props to the people that do this more than I do, this takes a long time to make a tutorial.
So let's open up PuTTYgen and see what it looks like.
Just click on the “Generate” button. And you will get this screen.
This part is kind of fun because you get to move your mouse around in that area to generate the key. The only time it sucks is when you set the number of bits to higher than 1024. I would normally go with 2048 but you always have the choice of 4084 as well. If you choose the last one I hope you have some stamina because it takes a while.
Now you just need to type in the information you want. If you don’t want to put a password on the private key, that is your choice. If you do set a password you can always use Pageant so that you don’t have to type it every time. MAKE SURE YOU SAVE BOTH THE PRIVATE AND PUBLIC KEYS! And put them in a location you can find.
Now we insert that private key into PuTTY. So let's configure our PuTTY session.
First we are going to open up PuTTY and go to the Auth section under SSH. Leave the defaults and browse for where you saved your private key. Now go back up to Sessions.
Fill out the connection information, create a session name and save the configuration. Now we have to upload the public key to the server.
Hopefully the ssh server is using password authentication right now, or you have some other means to ssh into the server, because from here on everything is done on the command line via ssh. Let’s upload the public key to the server.
scp /path/to/file/publickey.pub user@host:.
Now connect via ssh to the server; we are going to add the public key to the authorized_keys file. Since we used PuTTYgen to create the public key, we need to convert it to the OpenSSH format. In that same command we append it to the end of the authorized_keys file.
ssh-keygen -if publickey.pub >> .ssh/authorized_keys
And that’s all folks! Now you should be able to connect to your server using public key authentication. Hope you made it through this okay.
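The server-side steps from both sections above (create .ssh, set the permissions, append the key), as an added shell example that is not part of the original post. The function names install_pubkey and mode_of, the return codes and the sample key line are assumptions made for illustration; the function refuses a private key or an unconverted PuTTYgen file instead of appending it, and it does not add the same key twice.

```shell
#!/bin/sh
# install_pubkey PUBKEY_FILE [HOME_DIR]   (hypothetical helper, not from the post)
install_pubkey() {
    pub=$1
    home=${2:-$HOME}
    ssh_dir=$home/.ssh
    auth=$ssh_dir/authorized_keys

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }
    # Refuse a private key uploaded by mistake (id_rsa instead of id_rsa.pub).
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "$pub looks like a private key; upload the .pub file" >&2
        return 2
    fi
    # Accept only a one-line OpenSSH key ("ssh-rsa AAAA... comment"). A PuTTYgen
    # file ("---- BEGIN SSH2 PUBLIC KEY ----") must go through ssh-keygen -i first.
    key=$(grep -E '^(ssh-(rsa|ed25519)|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/=]+' "$pub" | head -n 1)
    [ -n "$key" ] || { echo "$pub is not in OpenSSH public key format" >&2; return 3; }

    # Same as: mkdir .ssh; chmod 700 .ssh
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 4
    # Create the file private from the start, then enforce 600.
    [ -e "$auth" ] || (umask 077; : > "$auth")
    chmod 600 "$auth" || return 4
    # Append only if this exact line is not already present.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}

# Octal mode of a path: GNU stat first, BSD/Mac OS X stat as fallback.
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Demo in a throwaway directory with a constructed (not real) key line.
demo=$(mktemp -d)
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCconstructedSAMPLE user@localhost.localdomain' > "$demo/id_rsa.pub"
install_pubkey "$demo/id_rsa.pub" "$demo/home" && install_pubkey "$demo/id_rsa.pub" "$demo/home"
echo "entries: $(wc -l < "$demo/home/.ssh/authorized_keys") mode: $(mode_of "$demo/home/.ssh/authorized_keys")"
rm -rf "$demo"
```

On the real server you would call it as install_pubkey ~/id_rsa.pub after the scp step, leaving the second argument out so it uses your own home directory.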




