OpenSSH 3.0 and public keys.

Here is how to setup public keys. This will work on machine stats, sigma, chase, and other Unix systems in our department, and all systems running OpenSSH 3.0.

I'm going to use machine chase and machine stats for an example:

1. Log into your chase account.
2. execute the following command:

  • ssh-keygen -t dsa

    (sz@chase)[$:~] ssh-keygen -t dsa
    Generating public/private dsa key pair.
    Enter file in which to save the key (/users/staff/sz/.ssh/id_dsa):
    Enter passphrase (empty for no passphrase):

    Hit ENTER to save the key, and then hit ENTER again to use an empty passphrase.

    Your identification has been saved in /users/staff/sz/.ssh/id_dsa.
    Your public key has been saved in /users/staff/sz/.ssh/id_dsa.pub.
    The key fingerprint is:
    e5:1b:1t:3f:2f:1f:67:2e:d3:8b:e4:f6:bd:38:b4 sz@chase

    You now have a file called id_dsa.pub in your .ssh directory.

    Now, if you want to be able to ssh/scp into machine stats from machine chase without entering a password, must copy the id_dsa.pub file to your stats account by doing the following:

  • scp ~/.ssh/id_dsa.pub user@stats:

    (sz@chase)[$:~] scp ~/.ssh/id_dsa.pub sz@stats:
    sz@stats's password:

    Once the file has been copied to machine stats, log into your stats account and then do:

  • cat ~/id_dsa.pub >> ~/.ssh/authorized_keys

    (sz@stats)[$:/autofs/users/cs/staff/sz] cat id_dsa.pub >> ~/.ssh/authorized_keys

    Now make the permissions on your authorized_keys file readable only to you:

  • chmod 600 ~/.ssh/authorized_keys

    (sz@stats)[$:/autofs/users/cs/staff/sz] chmod 600 ~/.ssh/authorized_keys

    Once you've completed the above steps, you should now be able to ssh and scp from machine chase to machine stats without entering a password. You can copy your public key (~/.ssh/id_dsa.pub) on your chase account to any other Unix account you have and be able to ssh/scp to it without entering a password.