Below is my preferred method of setting up my SSH keys.
On the local machine, execute the following where -C
is a comment.
ssh-keygen -t rsa -b 4096 -C "username@remotehost.domain.com"
When prompted for the file name, write it as ~/.ssh/localhost_remoteuser@remotehost_id_rsa
.
On the local machine create the file ~/.ssh/config
. Below is a sample file.
# %l = local hostname
# %r = remote username
# %h = remote hostname
Host *
Port 22
ServerAliveInterval 60
Host remotehost
HostName remotehost.domain.com remotehost
User username
IdentityFile ~/.ssh/%l_%r@%h_id_rsa
If needed, make sure that ssh-copy-id
is installed. On macOS, it can be installed with Homebrew with the command
brew install ssh-copy-id
Now execute the following to copy over the key.
ssh-copy-id -i ~/.ssh/localhost_remoteuser@remotehost_id_rsa.pub username@remotehost.domain.com
and enter your password when prompted.
Copy the needed key using scp
and then adjust needed permissions. Everything below assumes PowerShell.
cp C:\Users\yourUserName\.ssh\id_rsa.pub C:\Users\yourUserName\authorized_keys
On your host create the .ssh
directory if it does not exist.
mkdir ~/.ssh/
Copy the file from windows to the remote host.
# default port
scp authorized_keys user@remote:~/.ssh
# custom port
scp -P portno authorized_keys user@remote:~/.ssh
Finally, back on the remote host make sure permissions are set correctly.
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
Of course test from Windows you can ssh without requiring a password. Finally clean up by removing the authorized_keys
file.
Remove-Item C:\Users\yourUserName\authorized_keys
As an alternative, name the key as ~/.ssh/remoteuser@remotehost_id_rsa
. This is necessary when working on my work computer as my hostname changes when I am working within the corporate network or outside the network.
Thus, ~/.ssh/config
will mirror the sample file below.
# %r = remote username
# %h = remote hostname
Host *
Port 22
ServerAliveInterval 60
Host remotehost
HostName remotehost.domain.com remotehost
User username
IdentityFile ~/.ssh/%r@%h_id_rsa
Adapted from http://nerderati.com/2011/03/17/simplify-your-life-with-an-ssh-config-file/. Windows key copying from https://security.stackexchange.com/a/167953.