If you have SSH installed, you should be able to run..
ssh-keygen
Then go through the steps, you’ll have two files, id_rsa
and id_rsa.pub
(the first is your private key, the second is your public key – the one you copy to remote machines)
Then, connect to the remote machine you want to login to, to the file ~/.ssh/authorized_keys
add the contents of your that id_rsa.pub
file.
Oh, and chmod 600
all the id_rsa*
files (both locally and remote), so no other users can read them:
chmod 600 ~/.ssh/id_rsa*
Similarly, ensure the remote ~/.ssh/authorized_keys
file is chmod 600
also:
chmod 600 ~/.ssh/authorized_keys
Then, when you do ssh remote.machine
, it should ask you for the key’s password, not the remote machine.
To make it nicer to use, you can use ssh-agent
to hold the decrypted keys in memory – this means you don’t have to type your keypair’s password every single time. To launch the agent, you run (including the back-tick quotes, which eval the output of the ssh-agent
command)
`ssh-agent`
On some distros, ssh-agent is started automatically. If you run echo $SSH_AUTH_SOCK
and it shows a path (probably in /tmp/) it’s already setup, so you can skip the previous command.
Then to add your key, you do
ssh-add ~/.ssh/id_rsa
and enter your passphrase. It’s stored until you remove it (using the ssh-add -D
command, which removes all keys from the agent)