Public Key Authentication with SSH

=Introduction= Public key authentication is a great way to "automate" ssh authentication and save yourself the time of typing in your password every time you open a tunnel.

Note: Throughout this page the "client" will refer to the local machine you are using and the "server" is the machine you are SSHing to.

=Unix Setup= If you are SSHing from a Unix machine to another Unix machine, this is the easiest scenario to set up (doing it with Windows at either end complicates things).

The first thing you will need to do is generate a public/private key pair for you client machine (if you do not already have one generated).

Open a terminal on the client machine, navigate to the ".ssh" folder in your home directory, and list the files in it cd ~/.ssh ls

If you see the files "id_rsa" and "id_rsa.pub" listed then you already have a public/private key pair. The file "id_rsa" contains your private key, do NOT share this or copy it anywhere else. The file "id_rsa.pub" contains your public key, this is what will be placed on the server so it can authenticate you when you try to connect.

Generating a public/private key pair
If you did not see those files, you will need to generate a key pair. This is done with the "ssh-keygen" utility. I recommend using RSA encryption and a key strength of at least 2048 bits. You can google different encryption types and bit lengths if you wish to learn more about what that means.

Execute the following command

ssh-keygen -t rsa -b 2048

You should see the following prompt Enter file in which to save the key

Skip this by pressing enter, it will automatically give the file the appropriate name.