Forum | How to SSH - Keygen in one command.

April 11th, 2009
How to SSH – Keygen in one command.

12:15 pm
April 11, 2009


admin


During the course of a day I need to shell into a handful of different Linux servers to perform a variety of sysadmin tasks. To do this securely I use the SSH 2 protocol. Since the SSH protocol is encrypted, nothing is passed as clear text; clear text would make it easy for any bad guys to sniff or capture the packets and find out my passwords.

Using SSH public/private key authorization and text expander, I have my login down to as few as four keystrokes. The best part of this is that after creating all of my authorized_keys I can put them on my iPhone and then ssh in from anywhere without having to look up my passwords.
In this post I will cover the creation of the authorized public/private keys and sending the public key to the server with one command line.

For this to work correctly you will have to enable SSH on the computer you are sending from and unblock or map your SSH port in your firewall and/or router.
On your local computer, create a strong DSA public/private key pair using the shell command below.

local-computer$ ssh-keygen -t dsa
(Do not enter a pass phrase, just hit enter)

Now let's transfer the id_dsa.pub key to your user directory on the host machine.

ssh yourusername@server_to_connect_to "echo `ssh your-computer.local cat .ssh/id_dsa.pub` >> .ssh/authorized_keys"

Obviously you want to replace yourusername@server_to_connect_to with your login, followed by @ and the IP address or domain name of the server you are connecting to.
For this login you will need to enter your passwords, first for the local computer and then for the server you are connecting to.

After this step you can try to connect using ssh yourloginname@domain.com and see if you can log in without a password.
If you can't log in without a password, check the server logs. If you see an error like this:

Authentication refused: bad ownership or modes for directory
you will need to change permissions on the server by issuing the following commands on the server.


server$ chmod go-w ~/

server$ chmod 700 ~/.ssh
server$ chmod 600 ~/.ssh/authorized_keys

Now try to connect again using ssh yourloginname@domain.com.
Success!! Now issue the command again on each of the servers that you need to ssh into and you are good to go.

References:
http://sial.org/howto/openssh/publickey-auth/problems/

http://blogs.ittoolbox.com/linux/locutus/archives/how-to-add-ssh-authorization-with-one-command-13569
http://defindit.com/readme_files/ssh.html
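
The permission fix and the key append from the post, combined into an added example (not code from the original post). The function names audit_ssh_modes and install_pubkey are made up for illustration, and the key line in the demo is constructed. It goes one step beyond the post by skipping the append when the key is already in authorized_keys.

```shell
#!/bin/sh
# Added example, not from the original post. Directories are arguments so it
# can be tried on a scratch tree; on a real server home_dir would be "$HOME".

# Print each path that is group- or world-writable (the "bad modes" half of
# sshd's check; ownership is not checked here). Returns 1 if any were found.
audit_ssh_modes() {
    home_dir=$1
    bad=0
    for p in "$home_dir" "$home_dir/.ssh" "$home_dir/.ssh/authorized_keys"; do
        [ -e "$p" ] || continue
        # -prune: test only $p itself; -020 / -002 are the group / other write bits
        if [ -n "$(find "$p" -prune \( -perm -020 -o -perm -002 \))" ]; then
            echo "writable by group/other: $p"
            bad=1
        fi
    done
    return "$bad"
}

# Append the public key in key_file to home_dir/.ssh/authorized_keys, once,
# then apply the modes from the post (go-w, 700, 600).
install_pubkey() {
    home_dir=$1
    key_file=$2
    auth="$home_dir/.ssh/authorized_keys"
    mkdir -p "$home_dir/.ssh"
    touch "$auth"
    # -x whole line, -F fixed string: skip the append if the key is already there
    if ! grep -qxF -- "$(cat "$key_file")" "$auth"; then
        cat "$key_file" >> "$auth"
    fi
    chmod go-w "$home_dir"
    chmod 700 "$home_dir/.ssh"
    chmod 600 "$auth"
}

# Demo on a scratch directory with a constructed (fake) key line.
demo=$(mktemp -d)
echo "ssh-dss AAAAB3NzaC1kc3MAAACBAconstructed you@your-computer.local" > "$demo/id_dsa.pub"
mkdir -p "$demo/home/.ssh" && chmod 777 "$demo/home"
audit_ssh_modes "$demo/home" || echo "sshd would refuse key login here"
install_pubkey "$demo/home" "$demo/id_dsa.pub"
audit_ssh_modes "$demo/home" && echo "modes ok"
rm -rf "$demo"
```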

