The following skills work on Mac OS X, and may also work in most of the Linux distribution.

Generate Public and Private Keys

To generate a pair of private and public keys, run the follow commands, and please DO input a good passphrase to protect the private key (default is 2048-bits, change it to 4096 if you like):

ssh-keygen -t rsa -b 2048 -C "Your email address or a string which you prefer"

The previous command will create the "~/.ssh" folder by default. If you have to create that folder manually due to unknown reason, do like this:

mkdir ~/.ssh
chmod 700 ~/.ssh  # ensure no other common user can access this folder


SSH Authentication without Specifying Password

If you have copies the public key to a server, and you need not to input the password every time you try to log in that server.

To achieve this, you could:

  1. Manually copy (or append) your public key to the file "~/.ssh/authorized_keys" in the user's home folder in that server.
    • Notes: please ensure the ".ssh" is of mode "700", and "authorized_keys" is of mode "600")
  2. Run this command on the client machine which you store the private key (it will create "authorized_keys" if necessary, and append your public key):
      ssh-copy-id <username>@<remote_host>

Multiple SSH private keys on one client

If you have to use multiple SSH private keys to access to different servers, and you don't want to use use "-i <key location>" parameter to specify the key. The following way may be the best way.

To define the matching between the keys and the servers (or even the user names) in file "~/.ssh/config", like:

Host myshortname
    IdentityFile ~/.ssh/realname_rsa # private key for realname
    User remoteusername

Host myother
    IdentityFile ~/.ssh/realname2_rsa
    User remoteusername

Notes: via

Generate the Public Key from Private Key

Runs the following command (please replace the file names), and append "comment" like "myname@…" or even "My key on XXXX" to the tail of the new generated file.

ssh-keygen -y -f ~/.ssh/YOUR_PRIVATE_KEY_FILE > ~/.ssh/NEW_GENERATED_PUB_KEY_FILE

See also

Last modified 4 years ago Last modified on Apr 5, 2015, 4:48:27 AM