This guide will demonstrate how to set up RSA-based authentication on a remote machine. RSA authentication allows ssh access without entering a password each time. Be aware that RSA doesn't do Kerberos authentication, so RSA won't work if your target machine expects to speak Kerberos.
RSA authentication is machine-specific, so repeat these steps for each machine that you wish use. This example uses a machine called farfo as our host and wonderdog as our target.
farfo(1)% cd ~/.ssh
The command is ssh-keygen. Specify the key type (with the -t option) as rsa. Enter a hostname-specific name for the keyfile (id_farfo in this example), and when prompted, enter your password for the target machine.
farfo(2)% ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/u/j/o/joeuser/.ssh/id_rsa): id_farfo
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in id_farfo.
Your public key has been saved in id_farfo.pub.
The key fingerprint is:
ff:bb:cc:bb:aa:99:88:77:66:55:44:33:22:11:00:00 joeuser@farfo.cs.wisc.edu
farfo(3)% ssh wonderdog
Last login: Sat Jul 7 1:49:01 2006 from farfo
Sun Microsystems Inc. SunOS 5.11 snv_33 October 2007
wonderdog(1)%
Copy the public keyfile to the ~/.ssh/ directory on the target with the scp utility. Enter passwords as necessary.
wonderdog(1)% scp farfo:.ssh/id_farfo.pub ~/.ssh/
Password:
id_farfo.pub 100% |***********************************| 240 00:00
If the file ~/.ssh/authorized_keys does not exist, copy your public key to this file. Otherwise, append your public key to the file.
wonderdog(2)% cat ~/.ssh/id_farfo.pub >> ~/.ssh/authorized_keysYou should not be promted for a password when you log into the target from the host.
wonderdog(3)% exit