O'Reilly Hacks
oreilly.comO'Reilly NetworkSafari BookshelfConferences Sign In/My Account | View Cart   
Book List Learning Lab PDFs O'Reilly Gear Newsletters Press Room Jobs  

Quick SSH Public Key Authentication
While reading "Linux Security Cookbook", Section 6.4 entitled "Authentication by Public Key (OpenSSH Client, SSH2 Server, OpenSSH Key) I realized a huge shortcut to the proceedure outlined in the book, using the power of pipes and redirects.

Contributed by:
Ben Lentz
[08/14/03 | Discuss (2) | Link to this hack]

Most systems already have an .ssh folder in everyone's home directory, assuming that ssh has been used before. Generating a key can be done exactly how te book outlines it:

ssh-keygen -t dsa

But copying the public key to the remote system can be done in a single, simple step

cat ~/.ssh/id_dsa.pub | ssh remoteuser@remotehost 'cat - >> ~/.ssh/authorized_keys'

By sending id_dsa.pub to STDOUT on the local machine and piping it to the STDIN of the remote ssh command to be run, 'cat -' (cat STDIN) can be using to pickup this data off the pipe, and send it out to authorized_keys on the remote system.

If you want to maintain the paranoia that the book does with regard to the file and directory permissions, use

ssh remoteuser@remotehost 'chmod 700 ~/.ssh ; chmod 600 ~/.ssh/authorized_keys'

O'Reilly Home | Privacy Policy

© 2007 O'Reilly Media, Inc.
Website: | Customer Service: | Book issues:

All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners.