My Thoughts On …

December 21, 2007

SSH key pair setup

Filed under: Automation, Linux — Tags: — admin @ 12:20 am

Generate the key
To generate the key, run the following command as the user you want the public/private key pair to work for:
/usr/bin/ssh-keygen

This will ask you three questions:
Enter file in which to save the key (/home/USER/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:

For the first question just hit enter so the private key will be saved in the user's home directory. The second and third questions determine whether anything will need to be entered at login. If this is for a "role" account that will run commands via ssh you should just hit enter for both questions. If you want to type a passphrase each time you log in, type it in at this time. Once you have answered all three questions a public/private key pair will be produced and placed in the directory given in the first question. When you look in this directory you will see two files, id_rsa and id_rsa.pub. The file with the .pub is the public key; never distribute the private key.

Distribution of the public key
As the user the key pair will be used for and from the server where the private key is located, copy the public key with scp:
/usr/bin/scp /home/USER/.ssh/id_rsa.pub remote.server:~/.

Once the public key has been copied over, log in to the server. Check for the /home/USER/.ssh directory and make sure the perms are set to 700 or drwx------. If the directory does not exist, create it with this command:
/bin/mkdir -m 700 /home/USER/.ssh

Now we need to get the public key information into /home/USER/.ssh/authorized_keys with this command:
/bin/cat /home/USER/id_rsa.pub >> /home/USER/.ssh/authorized_keys

If the authorized_keys file was there already, make sure the perms for the file are set to 644 or -rw-r--r--. Now log out of the server and then log back in. If everything has been set up correctly you should get in without typing anything, if you left the passphrase section blank, or by typing in your passphrase.
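
The remote-side steps above, collected into one function that can be run more than once without duplicating the key. This is an added example, not part of the original post; the function name install_pubkey and its two arguments are hypothetical, and it assumes it is run as the account that owns the home directory.

```sh
#!/bin/sh
# Added example: install a copied public key the way the post describes,
# with the permissions it calls for (700 on .ssh, 644 on authorized_keys).
# install_pubkey, home_dir and pubkey are hypothetical names for this sketch.

# Usage: install_pubkey <home-dir> <public-key-file>
install_pubkey() {
    home_dir=$1
    pubkey=$2
    ssh_dir="$home_dir/.ssh"
    auth="$ssh_dir/authorized_keys"

    # The private key must never be distributed: refuse a file that is one.
    if grep -q 'PRIVATE KEY' "$pubkey"; then
        echo "refusing: $pubkey looks like a private key" >&2
        return 1
    fi

    # An OpenSSH public key is a single line: "<type> <base64> [comment]".
    key_line=$(head -n 1 "$pubkey")
    case $key_line in
        ssh-*\ *|ecdsa-*\ *|sk-*\ *) ;;
        *) echo "refusing: $pubkey is not an OpenSSH public key" >&2
           return 1 ;;
    esac

    # Create .ssh with 700 if it is missing; tighten it if it already exists.
    [ -d "$ssh_dir" ] || mkdir -m 700 "$ssh_dir" || return 1
    chmod 700 "$ssh_dir" || return 1

    # Append only when this exact line is not already present, so repeated
    # runs do not pile up duplicate entries.
    if [ ! -f "$auth" ] || ! grep -qxF -e "$key_line" "$auth"; then
        printf '%s\n' "$key_line" >> "$auth" || return 1
    fi

    # 644 as in the post: owner-writable only, never group/world-writable.
    chmod 644 "$auth"
}
```

On the remote server this would be called as install_pubkey /home/USER /home/USER/id_rsa.pub after the scp step.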
