SocSci Computing Services Help Pages

User Tools

Site Tools

Trace:
howto:sshkey

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
howto:sshkey [2025/07/08 23:20] jnilssonhowto:sshkey [2025/07/22 17:42] (current) – [Ask for help from SSCS] jnilsson
Line 2: Line 2:
 ===== Generating keys ===== ===== Generating keys =====
 === ssh-keygen === === ssh-keygen ===
-You use the tool "ssh-keygen" to create your public-private key pair.  Depending on what you need to do, there are many options available, but here is an example session showing how you can run **''ssh-keygen''**:+You use the tool "**ssh-keygen**" to create your public-private key pair. Here is an example session showing how you can run ssh-keygen:
 <code bash> <code bash>
 [user@host ~]$ ssh-keygen -t ed25519 -C "Add a Description to easily tell which machine this belongs to" [user@host ~]$ ssh-keygen -t ed25519 -C "Add a Description to easily tell which machine this belongs to"
Line 10: Line 10:
 Enter same passphrase: [Enter to leave empty] Enter same passphrase: [Enter to leave empty]
 </code> </code>
-You should leave the default values above by simply hitting Enter three times.  The private key is created in id_ed25519 and the matching public key is id_ed25519.pub. The id_ed25519 file name is what ssh will look for when attempting public-key authentication (unless specified differently using the IdentityFile variable in the global config file /etc/ssh/ssh_config or your local config file ~/.ssh/config).+You should leave the default values above by simply hitting **Enter** three times.  The private key is created in id_ed25519 and the matching public key is id_ed25519.pub. The id_ed25519 file name is what ssh will look for when attempting public-key authentication (unless specified differently using the IdentityFile variable in the global config file /etc/ssh/ssh_config or your local config file ~/.ssh/config).
  
 ===== Distributing your public key ===== ===== Distributing your public key =====
Line 18: Line 18:
  
 There are different ways to distribute and set up the authorized_keys file depending on your situation: There are different ways to distribute and set up the authorized_keys file depending on your situation:
 +
 +==== Ask for help from SSCS ====
 +
 +You can always ask for help from [[socit@uci.edu]] and we'll work with you to get your public key set up.
 +
 +If you want to DIY, you can try one of the methods below:
  
 ==== Local Console Access ==== ==== Local Console Access ====
Line 24: Line 30:
   - Save the .pub key file either in email to yourself or on a USB drive   - Save the .pub key file either in email to yourself or on a USB drive
   - On the local console of the remote host, login as your user account:   - On the local console of the remote host, login as your user account:
-    - Copy the contents of the new public key (either from email or a USB drive) to a temp file:<code>+    - Copy the contents of the new public key (either from email or a USB drive) to a temp file:<code bash>
 TMP_NEWKEY_FILE=/tmp/newkey.pub TMP_NEWKEY_FILE=/tmp/newkey.pub
 echo "ssh-ed25519 AAAAasdfghjklQWERTYPOIUzxcvbnm/00/PLokIJuhYG12345 this is a comment" > $TMP_NEWKEY_FILE echo "ssh-ed25519 AAAAasdfghjklQWERTYPOIUzxcvbnm/00/PLokIJuhYG12345 this is a comment" > $TMP_NEWKEY_FILE
 </code> </code>
-    - Set up your ~/.ssh directory and authorized_keys file with correct permissions. This is safe to do even if they already exist and will not erase or overwrite existing keys:<code>+    - Set up your ~/.ssh directory and authorized_keys file with correct permissions. This is safe to do even if they already exist and will not erase or overwrite existing keys:<code bash>
 mkdir -p ~/.ssh mkdir -p ~/.ssh
 touch ~/.ssh/authorized_keys touch ~/.ssh/authorized_keys
Line 34: Line 40:
 chmod 600 ~/.ssh/authorized_keys chmod 600 ~/.ssh/authorized_keys
 </code> </code>
-    - Append your new public key:<code>+    - Append your new public key:<code bash>
 cat $TMP_NEWKEY_FILE >> ~/.ssh/authorized)_keys cat $TMP_NEWKEY_FILE >> ~/.ssh/authorized)_keys
 </code> </code>
-    - Delete the temp file:<code>+    - Delete the temp file:<code bash>
 rm $TMP_NEWKEY_FILE rm $TMP_NEWKEY_FILE
 </code> </code>
Line 73: Line 79:
 If password authentication is already disabled, then you will have to give your public key file to someone with admin access who already has public key authentication set up, or follow the above instructions for local console access to set it up yourself. If password authentication is already disabled, then you will have to give your public key file to someone with admin access who already has public key authentication set up, or follow the above instructions for local console access to set it up yourself.
  
-If you have admin access and have been asked to add someone else's public key to their user account, the following example code should guide you on the steps to take. This assumes that they have somehow given you their public key and it is stored in a file called /tmp/newkey.pub and their user account is example. Modify these variables appropriately to meet your needs: +If you have admin access and have been asked to add someone else's public key to their user account, the following example code should guide you on the steps to take. This assumes that they have somehow given you their public key and it is stored in a file called /tmp/newkey.pub and their username is "example". Modify these variables appropriately to meet your needs: 
-<code>+<code bash>
 USERNAME=example USERNAME=example
 TMP_PUBKEY_FILE="/tmp/newkey.pub" TMP_PUBKEY_FILE="/tmp/newkey.pub"
howto/sshkey.1752016857.txt.gz · Last modified: 2025/07/08 23:20 by jnilsson