08-18-2004 12:23 AM
Re: SSH Global Key?
Originally posted by kuronai
Just wondering whether it would be possible to generate a DSA public/private keyset on one machine, and use that as the key on a number of subsequent machines. I.e., effectively only use one public/private ssh key on a network.
Have any of you tried this before? :confused:
Thanks for your time :)
You would not want to do it with the main key for the machine, but you can make one for your normal user to log in on all the machines with it. You need to use ssh-keygen to create the key and save it in your /home/user/.ssh/ directory. To create the key use
ssh-keygen -t dsa
then answer the question on where to save the key as you want it named. Now, if you do not want to type in the password every time you log in, then just hit enter twice when it asks you for it. Next you have to copy the key to /home/user/.ssh/authorized_keys on the machines you want to log on to, so assuming that you do not already have such a file on the systems copied to, then
scp /home/user/.ssh/key_name_created.pub firstname.lastname@example.org:.ssh/authorized_keys
When you log in to the other machines now all you need to do is
ssh -i /home/user/.ssh/key_name_created email@example.com
and you will be logged into the system with no password if you created the key that way; otherwise you have to enter the password. To save yourself all the typing you may want to put some aliases in your /home/user/.bashrc like I have in mine.
alias doc="ssh -i /home/stephen/.ssh/nopw firstname.lastname@example.org"
alias dts="ssh -i /home/stephen/.ssh/nopw email@example.com"
alias bts="ssh -i /home/stephen/.ssh/nopw firstname.lastname@example.org"
alias btsx="ssh -X -i /home/stephen/.ssh/nopw email@example.com"
alias sts="ssh -i /home/stephen/.ssh/nopw firstname.lastname@example.org"
alias stsx="ssh -X -i /home/stephen/.ssh/nopw email@example.com"
Then all you have to do to log in is type, for example in mine,
doc
in a console window/console and I am logged in to the machine 192.168.0.2 as stephen, my user name on that machine. Then if I need to do anything as root, I use su and enter the root password and I can do anything I want. Note that the first time you use ssh or scp you will be asked if you want to accept the key for the other machine; say yes. If you want to use the same process from other machines, instead of just a single machine logging in to all the others, then copy the keys you created, both the .pub and the secret key, to the .ssh directory of the normal user on those machines and you will have access to any machine from any machine.
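
The scp step in the post above assumes the target has no authorized_keys file yet. As an added example (not part of the original post), this shell function, run on the target machine, appends a public key without overwriting existing entries and sets the permissions sshd expects. The function name install_pubkey and the sample key used to exercise it are constructed for illustration, and the function assumes a plain "type base64 comment" .pub line with no options prefix.

```shell
#!/bin/sh
# Added example: append a public key to authorized_keys instead of
# overwriting the file. install_pubkey is a hypothetical helper name.

# install_pubkey PUBFILE SSH_DIR
# Returns 0 if the key was added or is already present, 1 on bad input.
install_pubkey() {
    pubfile=$1
    ssh_dir=$2
    auth="$ssh_dir/authorized_keys"

    [ -r "$pubfile" ] || { echo "cannot read $pubfile" >&2; return 1; }

    # Only the .pub half belongs in authorized_keys; refuse a private key.
    if grep -q 'PRIVATE KEY' "$pubfile"; then
        echo "$pubfile is a private key, refusing" >&2
        return 1
    fi

    # First non-empty, non-comment line is the key entry.
    entry=$(grep -v '^[[:space:]]*#' "$pubfile" | grep -v '^[[:space:]]*$' | head -n 1)
    [ -n "$entry" ] || { echo "no key found in $pubfile" >&2; return 1; }

    # sshd with StrictModes (the default) rejects group/world-writable paths.
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    [ -e "$auth" ] || : > "$auth"
    chmod 600 "$auth" || return 1

    # Compare on "type base64" only, so a changed comment does not duplicate.
    keypart=$(printf '%s\n' "$entry" | awk '{print $1 " " $2}')
    if grep -qF -- "$keypart" "$auth"; then
        return 0
    fi

    # Make sure the existing file ends with a newline before appending.
    if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then
        printf '\n' >> "$auth"
    fi
    printf '%s\n' "$entry" >> "$auth"
}
```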