Setting up ssh with private and public key pair
Steps:
- Create the key pair on the source server, without passphrase protection, with the command below
# ssh-keygen -t rsa -b 4096
The private key (id_rsa) and the public key (id_rsa.pub) should then be created. The default key file path is ~/.ssh/id_rsa, with no passphrase.
- Change the private key permission to 600
** Please keep this private key safe. It is just like your account password **
# chmod 600 ~/.ssh/id_rsa
- Copy the public key file to the destination server
# scp ~/.ssh/id_rsa.pub [user]@[destination_server]:~/.ssh/id_rsa.pub
- On the destination server, append the public key to authorized_keys in the ~/.ssh directory. If the host does not have authorized_keys, create an empty file and set the file permission to 600. Then remove the public key file.
# cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
# rm ~/.ssh/id_rsa.pub
- Try to ssh from the source server to the destination server with the private key
# ssh -i ~/.ssh/id_rsa [user]@[destination_server]

Fixing Key Permissions And Ownership
Both the host and the client should have the following permissions and owners:
- ~/.ssh permissions should be 700
- ~/.ssh should be owned by your account
- ~/.ssh/authorized_keys permissions should be 600
- ~/.ssh/authorized_keys should be owned by your account
Client environments should additionally have the following permissions and owners:
- ~/.ssh/config permissions should be 600
- ~/.ssh/id_* permissions should be 600
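
The permission and ownership list above can be checked with a small script. This is an added example, not part of the original page: the function names (audit_ssh_dir, check_path, mode_uid) are hypothetical, ownership is compared by numeric uid, and files that do not exist are skipped.

```shell
#!/bin/sh
# Added example: audit an .ssh directory against the modes this page lists.
# Source the file, then run: audit_ssh_dir            (checks ~/.ssh)
#                        or: audit_ssh_dir /path/.ssh

# Print "<octal mode> <owner uid>" for a path (GNU stat, then BSD/macOS stat).
mode_uid() {
    stat -c '%a %u' "$1" 2>/dev/null || stat -f '%Lp %u' "$1" 2>/dev/null
}

# check_path <path> <expected mode> <expected uid>; returns 1 on any mismatch.
check_path() {
    info=$(mode_uid "$1") || { echo "ERROR $1: cannot stat"; return 1; }
    mode=${info%% *}
    uid=${info#* }
    rc=0
    if [ "$mode" != "$2" ]; then
        echo "FAIL $1: mode $mode, expected $2 (fix: chmod $2 $1)"
        rc=1
    fi
    if [ "$uid" != "$3" ]; then
        echo "FAIL $1: owner uid $uid, expected $3"
        rc=1
    fi
    return $rc
}

# Returns 0 when every path that exists matches, 1 otherwise.
audit_ssh_dir() {
    dir=${1:-$HOME/.ssh}
    me=$(id -u)
    bad=0
    [ -d "$dir" ] || { echo "ERROR $dir: not a directory"; return 1; }
    check_path "$dir" 700 "$me" || bad=1
    # authorized_keys, client config and every id_* file: 600, per the page.
    for f in "$dir/authorized_keys" "$dir/config" "$dir"/id_*; do
        [ -e "$f" ] || continue   # absent file or unmatched glob: skip
        check_path "$f" 600 "$me" || bad=1
    done
    return $bad
}
```

Run it on both the source and the destination server; a non-zero return means at least one path needs chmod or chown before key login is retried.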