Last updated on Feb 24th, 2015 but started on May 18th, 2012 and marked as config security server ssh

Generate new SSH keys

To generate a pair of private and public keys on your local machine:

ssh-keygen -t rsa -C "{EMAIL-ADDRESS}"

The -C "{EMAIL-ADDRESS}" serves as a description to the keys and is optional. If you don’t specify it, your username and machine’s name will be used as a comment to identify your public key.

Copy the keys to the remote server

There are several ways of getting your (new) public SSH key onto the remote server.

Using ssh-copy-id

If it is installed on your local system, you can use ssh-copy-id to copy the public key to the remote server:

ssh-copy-id {USER}@{REMOTE_SERVER}

This command is often included in the OpenSSH packages. However, if it is not available, you can also manually copy the file to the remote server.

Step by step

Copy the public key from the local server to the remote server:

scp ~/.ssh/id_rsa.pub {USER}@{REMOTE_SERVER}:

Log in as the new user on your remote server and create a .ssh directory in the user’s home directory.

ssh {USER}@{REMOTE_SERVER}
mkdir ~/.ssh
chmod 700 ~/.ssh

Add the content of the public key to the authorized keys.

cat id_rsa.pub >> ~/.ssh/authorized_keys
rm id_rsa.pub

One-liner

It is also possible to combine the above commands into a one-liner like this:

cat ~/.ssh/id_rsa.pub | ssh {USER}@{REMOTE_SERVER} "mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat >> ~/.ssh/authorized_keys"

Login to the server without a password

Now you can login to the remote server without having to provide a password:

ssh {USER}@{REMOTE_SERVER}

or, if the user on the local server is the same as on the remote server:

ssh {REMOTE_SERVER}