This is a simple and bare bones way to create a dsa key to connect from one server to another via ssh without using passwords. In plain english: How to connect from your unix (most likely mac os x) computer to your server without typing in a password.
Say you want to connect from your computer, mason, to a remote server, dixon, running ssh.
In your home directory in mason, you need to create a DSA key:
$ssh-keygen -t dsa
Enter file in which to save the key (/home/alan/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/alan/.ssh/id_dsa.
Your public key has been saved in /home/alan/.ssh/id_dsa.pub.
The key fingerprint is:
34:18:10:00:ff:ab:2a:ff:23:45:98:34:b2:41:c4:58 alan@localhost.localdomain
The program will prompt you to type in a name for the private and public key files and a password but do not enter any values for now; just hit the enter key for all questions.
Two files should have now been created in your home directory:
~/.ssh/id_dsa
~/.ssh/id_dsa.pub
The id_dsa file is your private file - no one but you should ever get have access to this file. The id_dsa.pub file is your public key file - this is the file to distribute to the servers you want to remotely login to.
I like to rename my public file to something more meaningful:
$mv id_dsa.pub alan_laptop_public.key
Now copy this key to the remote account:
$scp alan_laptop_public.key alan@dixon:
SSH into the remote machine and move the file into your .ssh folder.
[dixon]$mv alan_laptop_public.key .ssh/
[dixon]$cd .ssh
now check if there is already a file in your .ssh folder named
authorized_keys2 (you may have one called authorized_keys but we won't use that one here.)
If you have an authorized_keys2 file, concatenate the contents of your uploaded file to it by typing in:
[dixon]$cat alan_laptop_public.key >> authorized_keys2
You can run the command above to create the authorized_keys2 file if you don't have one.
Now we need to make sure that your newly created file has the proper permissions set:
[dixon]$chmod 644 authorized_keys2
that's it. You should now be able to do this from mason:
$ssh dixon
Last login: Thu Nov 16 16:18:47 2006 from 192.168.181.128
[dixon]$
and be logged into to dixon without being asked a password.
I realize that if you are reading this tutorial you probably don't understand how ssh keys work and maybe don't care to - I don't blame you - I did not find the whole ssh key concept intuitive at all. But to get work done, this setup will probably cover you for about 80% of the tasks that you need to get done with ssh or scp.
Ideally you want to be creating a password for your ssh keys. And for ease of use, you would want to run something called an ssh key agent. This method will be covered in a separate tutorial.