OpenSSH
Contents
See Also
Quick Hints
To log on to another computer:
ssh username@yourhostTo copy a file to another computer:
scp filename username@yourhost:/directory/pathor
sftp yourhost
To run a command on another computer:
ssh yourhost /path/command
Authentication w/Keys
SSH supports public-key authentication. Here is a procedure to enable public-key authentication for an OpenSSH implementation:
- Login as user username
- From the home directory, generate a key pair:
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/usr/local/username/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /usr/local/username/.ssh/id_rsa
Your public key has been saved in /usr/local/username/.ssh/id_rsa.pub
The key fingerprint is:
05:db:12:51:9f:48:dc:43:cd:8f:22:b0:a7:47:2d:17 username@hostnameIf you leave passphrase blank, you will not be asked for a passphrase later. Though insecure, this is useful for such things as batch ftp programs.
- Copy the public key to the remote host:
scp .ssh/id_rsa.pub yourhost:/tmp- Log on to your remote host as user username
- Append the contents of your public key into the SSH authorization file:
cat /tmp/id_rsa.pub >> .ssh/authorized_keys
cat /tmp/id_rsa.pub >> .ssh/authorized_keys2If the directory and/or file do not exist, create them.
- Set permissions:
chmod 755 $HOME/.ssh
chmod 755 $HOME
chmod 644 $HOME/.ssh/authorized_keys
chmod 644 $HOME/.ssh/authorized_keys2Once authentication w/keys is in place, and if you did not configure a passphrase, you can now run commands such as:
scp filename remotehost:/path/to/remote/directory/
ssh -f remoteserver chmod 666 /path/to/remote/directory/filenameTo reset a passphrase, run:
ssh-keygen -p
