Using SSH keys in Linux
La commande ssh-keygen sert à créer une paire de clés. Avant de lancer la commande, vérifiez si vous n'avez pas déjà une paire de clés. Les clés se trouvent dans le répertoire .ssh/ dans votre répertoire principal. Le nom par défaut de la clé privée est id_rsa; celui de la clé publique est id_rsa.pub. La commande
ssh-keygen -b 2048 -t rsa
produira un résultat semblable à ceci :
Generating public/private rsa key pair. Enter file in which to save the key (/home/ubuntu/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/ubuntu/.ssh/id_rsa. Your public key has been saved in /home/ubuntu/.ssh/id_rsa.pub. The key fingerprint is: ef:87:b5:b1:4d:7e:69:95:3f:62:f5:0d:c0:7b:f1:5e ubuntu@test-key The key's randomart image is: +--[ RSA 2048]----+ | | | | | . | | o . | | S o o.| | . + +oE| | .o O.oB| | .. +oo+*| | ... o..| +-----------------+
when prompted you should enter a passphrase. If you already have a key pair saved with the default names you may wish to enter a file name for the saved keys so as not to overwrite an existing key pair.
Connecting using a Key Pair
Once your key pair has been created copy the public key (the /home/ubuntu/.ssh/id_rsa.pub key file in the above on your local machine) to the /home/USERNAME/.ssh/authorized_keys file on the server you wish to connect to. If you had to create the file /home/USERNAME/.ssh/authorized_keys ensure the file authorize_keys and directory .ssh have the correct permissions with chmod 600 ~/.ssh/authorized_keys and chmod 700 ~/.ssh respectively.
Finally test the new key by sshing to the remote machine from the local machine with
ssh -i /home/ubuntu/.ssh/id_rsa USERNAME@ADDRESS
where /home/ubuntu/.ssh/id_rsa specifies your private key file and USERNAME is the user name on the remote machine, and ADDRESS is the address of the remote machine.