SSH Keys

See also the campus page at https://security.berkeley.edu/education-awareness/ssh-key-management

• Creating an OpenSSH Public Key
• Configuring SSH in UNIX to Not Require A Password

Creating an OpenSSH Public Key

To create a public key for use in automatic authentication with ssh do the following:

1. SSH into your favorite unix machine running OpenSSH, such as login.eecs.
2. Type ssh-keygen -t ed25519
3. When the program asks you to “Enter file in which to save the key” just press “enter”
4. You will be prompted to give a passphrase, give it a good one.
5. If you accepted the default names, you will now have a file named “id_ed25519” and a file called “id_ed25519.pub” in your ~/.ssh directory. “id_ed25519” is your private key and “id_ed25519.pub” is your public key, that you can use to automate authentication on machines that you ssh into.

Configuring SSH in UNIX to Not Require A Password

You can use an ssh-agent to manage your ssh connections so that you don’t have to type a password every time when logging into other unix machines.

On Windows, use PuTTY’s pageant.exe, and add your key to it.

On Unix:

1. Add the following lines to your .login (this assumes a login shell of csh/tcsh; use “-s” for bash):
   

   eval `ssh-agent -c`
ssh-add
   

2. Add this line to your .logout:
   

   eval 'ssh-agent -k'

Make sure you still have your “identity.pub” in the remote machine’s authorized_keys file.