Creating SSH keys for password-less access to chewy

image_pdfimage_print

If you want to SSH into the CS department SSH server (chewy) without having to type your password each time use the following instructions to create a SSH public/private key pair. This is a handy skill to learn especially if you are looking to script processes that require the SSH service. If you do not use keys when scripting then each time an SSH connection is made the script will fail since no one will be around to type in the SSH password.

In order to setup a SSH key pair use the ssh-keygen command on a Linux system to create the public and private keys.

ssh-keygen

This will start up a dialog with a few prompts that you must respond to. In most cases you can just hit enter in order to accept the defaults:

ssh-keygen 
Generating public/private rsa key pair.
Enter file in which to save the key (/home/your_username/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/your_username/.ssh/id_rsa.
Your public key has been saved in /home/your_username/.ssh/id_rsa.pub.
The key fingerprint is:
78:51:34:46:f0:0a:bd:e6:83:0c:69:73:58:d8:c4:c9 your_username@chewy.cs.utica.edu
The key's randomart image is:
+--[ RSA 2048]----+
|     o...+*      |
|     +E. + .     |
|    . + o .      |
|     + o +       |
|    * o S        |
|   . = =         |
|      o o        |
|         .       |
|                 |
+-----------------+

Some things to note:

  • You can enter a passphrase when creating the key pair which will make it more secure, but this will also require you to type the passphrase whenever you SSH into the system. This will defeat the purpose of using the key pair for automation.
  • Your keys will be generated in /home/your_uesrname/.ssh which is a HIDDEN directory. Make sure the private key (id_rsa) is copied the /home/your_username/.ssh folder on each client system that you would like to use to access the SSH server.
  • You will need to add your public key to the /home/your_username/.ssh/authorized_keys file in order to use your key pair to connect to the system.

Adding your public key to the authorized keys file:

cat id_rsa.pub >> /home/your_username/.ssh/authorized_keys

Make sure the permissions are set correctly on the authorized_keys file:

chmod 644 /home/your_username/.ssh/authorized_keys

That should do it! Now try to SSH into the server from the client using the key pair, if all went well you should be logged right in without being prompted for a password. If you are still being prompted for your password make sure that the permissions are set correctly.

List of permissions:

.ssh directory - chmod 700
.ssh/id_rsa - chmod 600
.ssh/id_rsa.pub - chmod 644
.ssh/authorized_keys - chmod 644