1. ❧ rchavik shouted:
    2013/02/06 • 7:09 am

    pbcopy? ftp ?

    duh:

    ssh-copy-id [-i [identity_file]] [user@]machine
    1. So you’re suggesting to use this bash command to paste the SSH public key contents to your remote file? Do we need the [user@]machine portion as well? Explaining this is more helpful than a simple ‘duh.’

      Example

      ssh-copy-id -i id_rsa.pub
  2. Sweet!

    Took roughly about 2 mins to set up.

    Rock on!

    1. Thanks Jake \m/

  3. ❧ Balthazar shouted:
    2013/02/06 • 9:18 am

    Nice blogpost. It comes in very handy!

    1. You got that right ;) A huge time saver. Also works well for Windows using Git Bash.

  4. This is gonna save me like 10 minutes a day, every day. Thanks so much.

    1. You’re welcome Jeffrey! I couldn’t agree with you more on the time saving benefits.

  5. ❧ TJ shouted:
    2013/02/06 • 6:12 pm

    great article! here is the version of the command used to copy the id_rsa.pub file content, regardless of what system you are using…

    cat ~/.shh/id_rsa.pub | ssh $host "cat >> ~/.ssh/authorized_keys"

    as in the article above, replace the value of $host with your hostname as set up in the beginning of the article. awesome workflow!!!

    1. Thanks for the great tip TJ! I knew there had to be another way around that.

  6. ❧ Gijs shouted:
    2013/02/06 • 7:07 pm

    Instead of copying the public key to the clipboard and then editing authorized_keys manually and pasting it back in, consider using ssh-copy-id mt. This will automagically copy your public key file, append it to authorized_keys and set the right permissions on the file so that SSH will use it (it can be picky if the file is too accessible to other users). If you used a non-default identity name, you can use the -i option to select that identity to be copied, rather than the default.

    1. Could you describe the steps in greater detail? If I run

      ssh-copy-id mt

      within my remote .ssh directory I get this warning:

      ssh: Could not resolve hostname mt: Name or service not known

      I also get this warning locally.

      $ ssh-copy-id mt
      -bash: ssh-copy-id: command not found
      1. ❧ TJ shouted:
        2013/02/07 • 5:53 pm

        ssh-copy-id is perfect for this, but unfortunately not included in Mac OS X.
        Both errors are a result of
        1. your remote box not having any need to copy its own key
        2. your local machine not being able to execute the command (assuming you’re on a mac)

        So try as you may – no cigar…Thats why I posted the system agnostic command instead…Hope this helps.

  7. The location and appearance of the authorized_keys file on your remote server

    If the screenshot shows the remote ~/.ssh folder then it’s unwise to show a private key as being on there too. There could be legitimate reasons for it, but as this is a good beginners guide, it’s best to avoid the ambiguity or people might be tempted to upload the contents of their local .ssh to the server.

    The idea is that you keep your private key on your local machine, and just your public key, pasted into a ~/.ssh/authorized_keys file on all the remote machines you want silky smooth access too.

    If you start storing copies of your house keys at local motels, you increase your chance of getting burgled. Same goes with private SSH keys and shared hosting.

    1. Thanks for the tip olizilla! Just to be clear, you’re saying to remove the id_rsa files completely and just use the authorized_keys file on your remote server?

      1. Yes.

        More generally: Never, ever, ever, let the id_[rsa|dsa|woteva] file get out into the wild. It is your private key.

        The trade off for not needing to remember a password is you now need to keep a file safe from being copied on a interconnected-machiniverse that is really good at making perfect copies of things and transporting them to other people, really fast.

        If you cannot be 100% sure that no-one else has ever had access to the private key then you need to go burn the authorized_keys files on all the remote machines it’s been used on (or carefully delete that key from the list in the file if there are more than one). Then delete the now compromised keys, give yourself a good talking to, and start again.

        For completeness, the id_[rsa|dsa|woteva].pub file is your public key, and for as long as you keep the private one safe, you can freely smoosh that around the internet if you like, though, as with all matters of security, it’s better to keep the whole thing quiet.

        As for these other ruffians, TJ’s suggested command is the most platform agnostic of the bunch, and worth taking the time to understand, but it it’s the most likely fail in a hard to diagnose way if mistyped.

        Gijs’ suggestion is good, but, yes, OSX lacks a lot of helpful tools. If you’re interested in learning more text-foo then it’s worth jumping through the hurdles to install homebrew – http://mxcl.github.com/homebrew/
        …The App Store of the command line. Once installed, you can use it to add missing tools like so:

        brew install ssh-copy-id
  8. To make SSH configuration for Github easy, secure and optimized, I created a tool: github-keygen.

    1. Very neat. From what I can interpret from your README the tool is primarily for Github SSH keys and unrelated to placing SSH keys on a remote server? Thanks for sharing.

Leave a Reply

Your email address will not be published. Required fields are marked *

show formatting examples
<pre class="language-[markup | sass | css | php | javascript | ruby | clike | bash]"><code>
…code example goes here…
</code></pre>

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Comment Preview

  1. John Doe shouted this comment preview:
    2013/02/06