problem identification ssh public key private on mac os x

**Hugo Boss** · 30-03-2009

Hello everyone,
In my network, I have my Mac OSX server and run it.
I want my mac to connect to the debian via ssh without having to write the password, so I think the identifiaction rsa public key without a pass, here's what I did:

1 / debian on the creation of the keys in / home/user1/.ssh: ssh-keygen-t rsa-b 1024
2 / Create a file / home/user1/.ssh/config with the content:

Host 'IP_du _debian'
User user1
Compression yes
Protocol 2
RSAAuthentication yes
No StrictHostKeyChecking
ForwardAgent yes
ForwardX11 yes
IdentityFile / home/user1/.ssh/id_rsa

3 / copy the public key / home/user1/.ssh/id_rsa.pub on my mac in / Users/user2/.ssh/authorized_keys
4 / I restarted sshd on debian

So, it should work when I'm on my mac as user2 and write ssh user1 @ IP_du_debian ....

But I am still the word from user1!

I hit the head against the wall all evening yesterday
the procedure I just described is a procedure that I have already used and works between servers and clients ssh on ubuntu.
Is there a special configuration to do on the mac? or on debian?

Who can help me with your help.

**Ryder** · 30-03-2009

ssh-agent and ssh-add also can not enter the pass of your rsa (pcq you put your keys not hope ) Only once and then you log in without having to enter any pass Practice for scp!

**Steve123** · 30-03-2009

I try to use ssh with public key / private between 2 macs
I followed exactly the instructions

SSH key pairs

It is strongly recommended to use SSH with his way of public / private key. This allows more security, more flexibility in the scripts. This article will explain the principle of double keys and their use.

Public key, private key

When creating a key pair, it creates two files linked by the following rules:
all that is encrypted with one key can only be decrypted using the other.
everything that is signed by the private key can be verified with the public key.

Thus, the private key remains the exclusive possession of a user, while the public key can (must) be distributed. So if I give you my public key, you can decipher the documents that I send you in confidence that it is me who has the figures. Conversely, you can encrypt a document with my public key to be sure that I could only read it.

To "guarantee" [1] the confidentiality and security of an exchange between users A and B, each must have its own key pair. To encrypt the document with his private key, then with the public key of B. Only B can decrypt the received document with his private key, and will be sure that the document had been sent by A, since one will then decrypt the document with the public key of A.
Generate the key pair

Open the Terminal and type the command:

ssh-keygen -t rsa

The command you to create a file id_rsa (private key) in a .ssh at the root of your user account. If this directory does not exist, it will be created with good rights (700 for only the user can access it) by the command. At the same place, it will create another file the same name but with the extention. Pub (id_rsa.pub) to the corresponding public key.

You can provide a passphrase (a passphrase is a password, but instead of a word you can use a phrase) to better secure your key, but not required (see below) .
Send the public key

Type the following commands:

ssh lecompte@leserveur mkdir -p ~/.ssh
scp id_rsa.pub lecompte leserveur:./myrsa.pub
ssh lecompte@leserveur cat ~/myrsa.puh >>~/.ssh/authorized_keys

Now, the command ssh <serveur> only ask that the passphrase, if you have given (instead of the password). I agree: not much change in appearance, except that the passphrase is not sent over the network, but is used locally to authorize the use of the key.

If you do not put a passphrase, the connection is direct, a bit like (for those who know), the good old rlogin (the connection is still encrypted of course). The latter is useful for scripts.
Deployment of Public Key

If you have any scripts that need to connect to many machines to launch one or multiple commands, you will enjoy the script attached.

Script deployment of public keys

DOwnload zip file

The script displays the public key of the current account defined in the file ~ / ~/.ssh/id_rsa.pub (and any other public key defined in the ~ / ~/.ssh/id_rsa.pub.* on account of machinery ladmin defined in the file liste_machine which is located in the same directory as the script. In this script I considered that the machines are on the local network and that I can contact them in Hello, I added it. Each local machine name. This script can not be launched automatically, because it asks the password for the admin account for all machines on which the public key has not been sent.