Wolfgang Tichy
ssh keys
- Create a public/private key pair with
cd ~/.ssh
ssh-keygen
Be sure to set a good passphrase when asked in the step above!!!
This makes the files id_rsa.pub and id_rsa
id_rsa.pub is the public key, id_rsa is the private key
You can share the public key with anyone, but never share the
private key
The public key can now be stored on the machine where we want to
log in without password
Copy it to e.g. koko-login.hpc.fau.edu by using
ssh-copy-id koko-login.hpc.fau.edu
Never email the private key id_rsa, keep it safe!
Using an agent for your keys
Note that whenever you make a connection, computers such as
quark.physics.fau.edu or bast.hpc.fau.edu will need your key. To access the
key, your key-passphrase is needed. If you want to type this passphrase less
often, you can set up
ssh-agent
or a similar program.
On Linux ssh-agent should be already installed. But there is also
GNOME Keyring and KWallet, which can be used for the same purpose.
- Check if ssh-agent is running and has keys:
ssh-add -l
In case it says
"Could not open a connection to your authentication agent",
you can start the agent with:
eval `ssh-agent`
To add a key to the agent type:
ssh-add path_to_private_key_on_local_client
This will ask for your passphrase, but then remembers it for
later. This way you don't have to enter it all the time.
The
add-key.py script in
https://github.com/wofti/WTscripts
can be used to simplify this process.
- Note that add-key.py still uses ssh-agent.
It merely simplifies its use.
- Installing add-key.py:
cd ~
git clone https://github.com/wofti/WTscripts.git
mkdir bin
ln -s ~/WTscripts/add-key.py ~/bin/add-key.py
Display help:
add-key.py -h
Usage:
eval `add-key.py path_to_private_key_on_local_client`
This will check if ssh-agent is running. If yes it will add the key,
it not it will start ssh-agent and then add the key.