Category: rsa key

How to copy SSH public key to remote host

Recently I found a fast method to move a ssh pub key to the remote host without using scp. Simply:

ssh-copy-id -i <my_sshkey.pub> <login>@<ip_host>

Example:

ssh-copy-id -i mykey_rsa.pub cesare@192.168.0.100

If you need to copy the default id_rsa key omit the -i option:

ssh-copy-id cesare@192.168.0.100

 

SSH without password

Every time I use ssh I need to type the password and this can be, at length, annoying. Here how to bypass it.

I will use local$ for the commands typed on the local machine (Xubuntu 11.10) and remote$ for those on the remote machine (Synology DS209).

In the case your remote machine is a Synology Nas be sure that SSH server is enabled to handle RSA keys, here how to perform it.

Firstly, on the local host we have to clean up the whole directory (be assure you can do it) removing all previous connection information.

local$ cd
local$ rm -rf .ssh
local$ mkdir .ssh

Create now the public and private keys for our local host

local$ ssh-keygen -t rsa -f .ssh/id_rsa -C "localusername@localaddress"

the switch -C add the “localusername@localaddress” comment in the key content. This can be useful later because we can easily recognize to whom the key belongs to when viewing the file authorized_keys.

This command will ask for a passphrase, for simplicity leave it blank (press enter).

Now transfer the .ssh/id_rsa.pub file into the ssh folder on your remote host, maybe through scp, ftp or whatever. Then connect to your remote machine

local$ ssh remoteusername@remoteaddress

Now that we are on the remote machine, get into the home

remote$ cd

Option #1: explicitly on my Synology NAS I had to get into the /root because SSH is not enabled for normal users.

remote$ cd /root

Option #2: if the folder .ssh is not present create it plus the file authorized_keys

remote$ mkdir .ssh
remote$ touch .ssh/authorized_keys

Append the key content to the authorized_keys file

remote$ cat .ssh/id_rsa.pub >> .ssh/authorized_keys

Check and eventually fix the permissions up, then leave

remote$ chmod 644 .ssh/authorized_keys
remote$ chmod 700 .ssh
remote$ exit

The next login from your client should not ask you for a password any longer.

By the way, the name id_rsa is not compulsory but it is the default one. How to check it? Open /etc/ssh/ssh_conf and look for the lines with the key “IdentityFile

#   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa

there are both DSA and RSA default key names, change it eventually or alternatively you can launch ssh specifying the key you want to use, for example

ssh -i <alternative_key> root@ds209

WordPress Themes