{"id":66,"date":"2008-11-07T13:49:51","date_gmt":"2008-11-07T04:19:51","guid":{"rendered":"http:\/\/www.clearchain.com\/blog\/?p=66"},"modified":"2008-11-07T13:57:27","modified_gmt":"2008-11-07T04:27:27","slug":"setting-up-ssh-publicprivate-keys","status":"publish","type":"post","link":"https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys","title":{"rendered":"Setting up SSH Public\/Private Keys"},"content":{"rendered":"
Using SSH for Automatic Key authentication<\/span><\/h6>\n

SSH provides an encrypted tunnel for use with interactive and non interactive terminal sessions. It provides authentication via a number of methods including password, public\/private key pairs and challenge keys.<\/p>\n

SSH also provides authentication forwarding between machines. This feature allows a user to be able to log on to a machine without the need of typing a password. This is an extreemly strong feature as it means you can provide access to an account or even to execute a command without the need to provide someone with a password.<\/p>\n

<\/p>\n

In order to setup public\/private key authentication forwarding both the client and the server must have knowledge of the relevant keys. You must also consider the version of SSH software that the server\/client is running as different versions use different files. Generating SSH Keys<\/p>\n

The first step is to generate an SSH private\/public key pair. For this I assume you are using some version of OpenSSH. There is currently three types of ssh key pairs that can be generated. They are rsa1, rsa and dsa. Of these dsa is the most secure and is the one used by ssh2. To generate the key perform the following:<\/p>\n

  ssh-keygen -t rsa1\r\n  ssh-keygen -t rsa\r\n  ssh-keygen -t dsa<\/pre>\n
The public\/private keys will be installed in the following places<\/p>\n\n\n\n\n\n\n
SSH Version<\/td>\nKey Type<\/td>\nOpenSSH<\/td>\nSSH 2(Commercial)<\/td>\n<\/tr>\n
old ssh1<\/td>\nrsa1<\/td>\n~\/.ssh\/identity & ~\/.ssh\/identity.pub<\/td>\nNot Generatable<\/td>\n<\/tr>\n
ssh1<\/td>\nrsa2<\/td>\n~\/.ssh\/id_rsa & ~\/.ssh\/id_rsa.pub<\/td>\n~\/.ssh2\/id_rsa_[keywidth]_a & \/.ssh2\/id_rsa_[keywidth]_a.pub<\/td>\n<\/tr>\n
ssh2<\/td>\ndsa<\/td>\n~\/.ssh\/id_dsa & ~\/.ssh\/id_dsa.pub<\/td>\n~\/.ssh2\/id_dsa_[keywidth]_a &\/.ssh2\/id_dsa_[keywidth]_a.pub<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
<\/a><\/p>\n
Automated Authentication<\/span><\/h5>\n
With the keys generated it is now possible to setup automatic key authentication. This means when you log in to a machine you don’t need to enter your password. The authentication happens by the server encrypting some data with your public key then challenging the client to decript it. For this to happen, the client must have the private key matching the public key.<\/p>\n
The procedure to set this up varies up which server you attempting to access. The procedure is basically as follows:<\/p>\n
  scp [publickey] user@host:~\r\n  ssh user@host\r\n  cat [publickey] >> [filename]<\/pre>\n
The above is the basic procedure. However the publickey and filename vary depending on the server\/client you are using. A valid example for OpenSSH using dsa keys is:<\/p>\n
\u00a0<\/p>\n
  scp ~\/.ssh\/id_dsa.pub user@host:~\r\n  ssh user@host\r\n  cat id_dsa.pub >> ~\/.ssh\/authorized_keys2<\/pre>\n
The table below shows which file to copy where:<\/p>\n\n\n\n\n\n\n
Local OpenSSH Key<\/td>\nOpenSSH (Remote Machine)<\/td>\nSSH2(Commercial) (Remote Machine)<\/td>\n<\/tr>\n
identity.pub<\/td>\nUnknown At present<\/td>\nUnknown at present<\/td>\n<\/tr>\n
id_rsa.pub<\/td>\n~\/.ssh\/authorized_keys<\/td>\n1<\/sup><\/span>\u00a0~\/.ssh2\/id_rsa_SECSH.pub & “echo key id_rsa_SECSH.pub >> authorization”<\/td>\n<\/tr>\n
id_dsa.pub<\/td>\n~\/.ssh\/authorized_keys2<\/td>\n1<\/sup><\/span>\u00a0~\/.ssh2\/id_dsa_SECSH.pub & “echo key id_dsa_SECSH.pub >> authorization”<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
Note 1:\u00a0<\/cite>In order to generate an SECSH compliant key the following OpenSSH Command can be used:<\/p>\n
  ssh-keygen -e -f [KEY].pub > [KEY]_SECSH.pub<\/pre>\n

\n<\/span><\/div>\n","protected":false},"excerpt":{"rendered":"
Using SSH for Automatic Key authentication SSH provides an encrypted tunnel for use with interactive and non interactive terminal sessions. It provides authentication via a number of methods including password, public\/private key pairs and challenge keys. SSH also provides authentication forwarding between machines. This feature allows a user to be able to log on to [..more..]<\/font><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34,21],"tags":[66,65,64,67,63],"class_list":["post-66","post","type-post","status-publish","format-standard","hentry","category-computers","category-opensource","tag-dsa","tag-keys","tag-openssh","tag-rsa","tag-ssh"],"yoast_head":"\nSetting up SSH Public\/Private Keys - ClearChain<\/title>\n<meta name=\"description\" content=\"Using SSH for Automatic Key authentication SSH provides an encrypted tunnel for use with interactive and non interactive terminal sessions. It provides\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Benjamin Close\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys\"},\"author\":{\"name\":\"Benjamin Close\",\"@id\":\"https:\/\/www.clearchain.com\/blog\/#\/schema\/person\/aef6faa2c32188398139db9270ca1c98\"},\"headline\":\"Setting up SSH Public\/Private Keys\",\"datePublished\":\"2008-11-07T04:19:51+00:00\",\"dateModified\":\"2008-11-07T04:27:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys\"},\"wordCount\":485,\"commentCount\":0,\"keywords\":[\"dsa\",\"keys\",\"openssh\",\"rsa\",\"ssh\"],\"articleSection\":[\"Computers\",\"OpenSource\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys\",\"url\":\"https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys\",\"name\":\"Setting up SSH Public\/Private Keys - ClearChain\",\"isPartOf\":{\"@id\":\"https:\/\/www.clearchain.com\/blog\/#website\"},\"datePublished\":\"2008-11-07T04:19:51+00:00\",\"dateModified\":\"2008-11-07T04:27:27+00:00\",\"author\":{\"@id\":\"https:\/\/www.clearchain.com\/blog\/#\/schema\/person\/aef6faa2c32188398139db9270ca1c98\"},\"description\":\"Using SSH for Automatic Key authentication SSH provides an encrypted tunnel for use with interactive and non interactive terminal sessions. It provides\",\"breadcrumb\":{\"@id\":\"https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.clearchain.com\/blog\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Setting up SSH Public\/Private Keys\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.clearchain.com\/blog\/#website\",\"url\":\"https:\/\/www.clearchain.com\/blog\/\",\"name\":\"ClearChain\",\"description\":\"-= Daily Happenings =-\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.clearchain.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.clearchain.com\/blog\/#\/schema\/person\/aef6faa2c32188398139db9270ca1c98\",\"name\":\"Benjamin Close\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.clearchain.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/19dca0aa372edfa901b93c556dfda2e78ad4434558fe4d139598e086315d714a?s=96&d=mm&r=pg\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/19dca0aa372edfa901b93c556dfda2e78ad4434558fe4d139598e086315d714a?s=96&d=mm&r=pg\",\"caption\":\"Benjamin Close\"},\"sameAs\":[\"http:\/\/www.clearchain.com\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Setting up SSH Public\/Private Keys - ClearChain","description":"Using SSH for Automatic Key authentication SSH provides an encrypted tunnel for use with interactive and non interactive terminal sessions. It provides","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys","twitter_misc":{"Written by":"Benjamin Close","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys#article","isPartOf":{"@id":"https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys"},"author":{"name":"Benjamin Close","@id":"https:\/\/www.clearchain.com\/blog\/#\/schema\/person\/aef6faa2c32188398139db9270ca1c98"},"headline":"Setting up SSH Public\/Private Keys","datePublished":"2008-11-07T04:19:51+00:00","dateModified":"2008-11-07T04:27:27+00:00","mainEntityOfPage":{"@id":"https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys"},"wordCount":485,"commentCount":0,"keywords":["dsa","keys","openssh","rsa","ssh"],"articleSection":["Computers","OpenSource"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys","url":"https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys","name":"Setting up SSH Public\/Private Keys - ClearChain","isPartOf":{"@id":"https:\/\/www.clearchain.com\/blog\/#website"},"datePublished":"2008-11-07T04:19:51+00:00","dateModified":"2008-11-07T04:27:27+00:00","author":{"@id":"https:\/\/www.clearchain.com\/blog\/#\/schema\/person\/aef6faa2c32188398139db9270ca1c98"},"description":"Using SSH for Automatic Key authentication SSH provides an encrypted tunnel for use with interactive and non interactive terminal sessions. It provides","breadcrumb":{"@id":"https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.clearchain.com\/blog\/posts\/setting-up-ssh-publicprivate-keys#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.clearchain.com\/blog"},{"@type":"ListItem","position":2,"name":"Setting up SSH Public\/Private Keys"}]},{"@type":"WebSite","@id":"https:\/\/www.clearchain.com\/blog\/#website","url":"https:\/\/www.clearchain.com\/blog\/","name":"ClearChain","description":"-= Daily Happenings =-","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.clearchain.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.clearchain.com\/blog\/#\/schema\/person\/aef6faa2c32188398139db9270ca1c98","name":"Benjamin Close","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.clearchain.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/19dca0aa372edfa901b93c556dfda2e78ad4434558fe4d139598e086315d714a?s=96&d=mm&r=pg","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/19dca0aa372edfa901b93c556dfda2e78ad4434558fe4d139598e086315d714a?s=96&d=mm&r=pg","caption":"Benjamin Close"},"sameAs":["http:\/\/www.clearchain.com"]}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.clearchain.com\/blog\/wp-json\/wp\/v2\/posts\/66","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.clearchain.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.clearchain.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.clearchain.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.clearchain.com\/blog\/wp-json\/wp\/v2\/comments?post=66"}],"version-history":[{"count":2,"href":"https:\/\/www.clearchain.com\/blog\/wp-json\/wp\/v2\/posts\/66\/revisions"}],"predecessor-version":[{"id":72,"href":"https:\/\/www.clearchain.com\/blog\/wp-json\/wp\/v2\/posts\/66\/revisions\/72"}],"wp:attachment":[{"href":"https:\/\/www.clearchain.com\/blog\/wp-json\/wp\/v2\/media?parent=66"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.clearchain.com\/blog\/wp-json\/wp\/v2\/categories?post=66"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.clearchain.com\/blog\/wp-json\/wp\/v2\/tags?post=66"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}