1. Firstly, generate your public/private keys using ssh-keygen

% ssh-keygen -t rsa

You must use the -t option to specify that you are producing keys for SSHv2 using RSA. This will generate your id_rsa and in the .ssh directory in your home directory. I strongly suggest using a passphrase.

2. Now copy the to the .ssh directory of the remote host you want to logon to as authorized_keys2 .

[Note: If you have more than one host from which you want to connect to the remote host, you need to add the local host’s as one line in the authorized_keys2 file of the remote host, i.e., you can have more than one entry. Thanks to Jinn Koriech for pointing this out. Also, you need to ‘chmod 644 authorized_keys2’ to make it unwritable to everybody apart from the user. Thanks to Matthew Lohbihler for this info.]

You are basically telling the sshd daemon on the remote machine to encrypt the connection with this public key and that this key is authorized for version 2 of the ssh protocol. Try using something secure like scp for this copying.

% scp ~foo/.ssh/ [email protected]:~foo/.ssh/authorized_keys2




Convert OpenSSH? to IETF SECSH key file


Usage: ssh-keygen [options]
  -b bits     Number of bits in the key to create.
  -c          Change comment in private and public key files.
  -e          Convert OpenSSH to IETF SECSH key file.
  -f filename Filename of the key file.
  -g          Use generic DNS resource record format.
  -i          Convert IETF SECSH to OpenSSH key file.
  -l          Show fingerprint of key file.
  -p          Change passphrase of private key file.
  -q          Quiet.
  -y          Read private key file and print public key.
  -t type     Specify type of key to create.
  -B          Show bubblebabble digest of key file.
  -C comment  Provide new comment.
  -N phrase   Provide new passphrase.
  -P phrase   Provide old passphrase.
  -r hostname Print DNS resource record.
  -G file     Generate candidates for DH-GEX moduli
  -T file     Screen candidates for DH-GEX moduli


ssh-keygen -e -f >


Lascia un commento

Il tuo indirizzo email non sarà pubblicato. I campi obbligatori sono contrassegnati *