ANYCon 2017 Talk – The Stuffer
Creating SSH keys for password-less access to chewy
If you want to SSH into the CS department SSH server (chewy) without having to type your password each time use the following instructions to create a SSH public/private key pair. This is a handy skill to learn especially if you are looking to script processes that require the SSH service. If you do not use keys when scripting then each time an SSH connection is made the script will fail since no one will be around to type in the SSH password.
In order to setup a SSH key pair use the ssh-keygen command on a Linux system to create the public and private keys.
This will start up a dialog with a few prompts that you must respond to. In most cases you can just hit enter in order to accept the defaults:
Some things to note:
- You can enter a passphrase when creating the key pair which will make it more secure, but this will also require you to type the passphrase whenever you SSH into the system. This will defeat the purpose of using the key pair for automation.
- Your keys will be generated in /home/your_uesrname/.ssh which is a HIDDEN directory. Make sure the private key (id_rsa) is copied the /home/your_username/.ssh folder on each client system that you would like to use to access the SSH server.
- You will need to add your public key to the /home/your_username/.ssh/authorized_keys file in order to use your key pair to connect to the system.
Adding your public key to the authorized keys file:
Make sure the permissions are set correctly on the authorized_keys file:
That should do it! Now try to SSH into the server from the client using the key pair, if all went well you should be logged right in without being prompted for a password. If you are still being prompted for your password make sure that the permissions are set correctly.
List of permissions:
DefCon 23 Videos
All of the DefCon 23 videos are available at http://cs.utica.edu/~defcon
The content is username and password protected. If you would like access please see Prof. Ronny Bull or get the credentials from someone who already has them.