Using SSH keys, one can securely authenticate two computers without the need for a password provided the key pair matches. Thus making it more convenient.
To use SSH keys for authentication, you need to generate the key pairs using the
ssh-keygen command on the machine (local) you intend to access the other computer(remote) from. Afterward, you copy the public ID to the remote machine. This way, when you try to access the remote machine, you won't need a password.
In this article, you will learn how to copy ssh keys to another machine.
You can use the link below to try this tutorial by spinning up a server on Digital Ocean.
Generating SSH key pairs
On the local machine, open the terminal and use the following command.
ssh-keygen -t ed25519 -C "Geekbits Default"
This command will generate keys using the
ed25519 type thus the
-t flag and with a comment "Geekbits Default" thus the
If you have no other keys generated, accept all the defaults by pressing Enter until the process is complete. You can add a passphrase if you wish. I will just pass that in this tutorial.
Once the keys are generated, they should be stored in the
.ssh directory. You can
cd into that directory using the command below to see the keys.
cd .ssh && ls
1. Copying SSH public key manually to another machine
As you will notice, two keys are generated. The private key and the public key. The one we need is the public key. This is the key we need to copy to the remote machine. To copy it to the remote machine, we are going to use the
First, ensure you are in the home directory. You can use this command for that.
Once in the home directory, copy the public key using this command.
scp .ssh/id_rsa.pub user@remote-machine-ip:
After running this command, you will be prompted for the password of the remote machine. Enter the password and the file will be transferred to the home directory of the remote machine.
We are not done yet. For the public key to work. we have to add it to the authorized keys of the remote machine. Follow the steps below to do so.
Login to the remote machine using the user's password. You can use the code below for this
You will be prompted for the password so do the necessary and hit Enter to login to the remote device.
Once logged in, ensure that the authorized_keys file is available in the .ssh directory. You can do this by creating them.
mkdir .ssh && chmod 700 .ssh
This makes the .ssh directory if it's not available with the right permissions. If available, you will receive an output saying:
The next step is to create the authorized_keys file.
touch .ssh/authorized_keys && chmod 644 .ssh/authorized_keys.
This command creates the authorized_keys file with permissions for the user only. This file will hold all the public keys that the user allows.
Once the directory and files are created, we now append the public key we copied to the authorized keys. To do so, we use the
catcommand as shown below.
cat id_rsa.pub >> .ssh/authorized_keys
And just like that, the two computers can now communicate without using a password. All you do is shh into the remote machine and that is it.
You can use this manual way to copy the files to the remote machine but there is an easier way to do it. One where you will not need to create the directory and file and set their permissions. It is the most recommended way as it eliminates the chances for errors. Let's see how to use the
If you want to know more about permissions and how to change them effectively, check our tutorial on Linux file permissions
2. Copying SSH public key using the
Ssh comes with a very useful command to simplify the copying of ssh keys to remote machines. This command eliminates all those steps shown in method 1 and does away with chances for errors as you only need to run one command. Let's see how the command works.
This command will take the public key from the local machine and transfer it to the right place in the remote machine. That is all you have to do. Simple, right?
What if you have multiple public keys which one will it copy?
Well, by default, it will copy the
id_rsa.pub but you can specify which key it should copy using the
-i flag as shown below.
ssh-copy-id -i .ssh/key2.pub user@remote-machine-ip
As you can see, we specify the name of the public key we want to copy using the
-i flag followed by the path to the key you want to copy then the rest is the same. And just using one command, you have copied the public key to the remote machine.
As shown above, you can copy the public key to the remote machine manually which has more steps and is hence prone to mistakes and using the
ssh-copy-id which simplifies the whole process and is mostly recommended.
That is all for this one. If the guide was helpful, consider sharing it with interested parties.
Thank you for reading : )