Menu

QUICK-N-DIRTY GUIDE TO USING OPENSSH KEYPAIR AUTHENTICATION

To generate a keypair, run:

ssh-keygen -t dsa

(you are advised not to protect the key with a password, as you will then be
prompted for the password everytime you connect). The keypair will be saved
(by default) in $HOME/.ssh/id_dsa, and $HOME/.ssh/id_dsa.pub (the .pub file
is the public key, and the other is the corresponding private key). Now, set
the permissions to protect your $HOME/.ssh/ directory. (Note that these modes
are the most lax permissions that these files and directories are allowed to 
have. You may certainly set the permissions stricter.)

chmod 711 $HOME/
chmod 700 $HOME/.ssh/
chmod 644 $HOME/.ssh/*
chmod 600 $HOME/.ssh/id_dsa

Finally, add the public key to the $HOME/.ssh/authorized_keys file on each
machine to which you wish to connect and set the correct permissions. (Note
that you will be prompted for a password with each command. An alternative is
to login to server and run the commands locally. If you do so, remove the
quoting from the rightmost arguments.)

cat $HOME/.ssh/id_dsa.pub server 'cat >>.ssh/authorized_keys'
ssh server chmod 711 "$HOME/"
ssh server chmod 700 "$HOME/.ssh"
ssh server chmod 644 "$HOME/.ssh/authorized_keys"

For each machine you want to be able to connect from, first copy the id_dsa
file (the private key) to that machine, then follow the above steps.