This is largely copied from http://rcsg-gsir.imsb-dsgi.nrc-cnrc.gc.ca/documents/internet/node31.html
It’s quite easy, too, at least if you are running Linux (not sure how well it works on other systems, but I believe Macs are easy too), and its much more secure than a password. You can actually disable passwords entirely for your account, making it impossible for anyone to log in as you unless doing so from one of your authorized computers.
I would strongly encourage you all to make very long, cumbersome passwords, and then use this approach as you will never have to use your password again as long as you are logging in from one of the machines that already has it’s key copied to your .ssh/authorized_keys
You can put as many of these ‘authorized keys’ in the file as you want – e.g. if you have a laptop and a desktop, or want to be able to easily ssh to the cluster from one of our machines.
To summarize, all you do is make an rsa key pair, copy the text from the id_rsa.pub file, and paste into ./ssh/authorized_keys in your zoology home (not on sciborg, but the place you end up when you ssh zoology.ubc.ca.
The website’s more detailed description is below.
ssh-keygen is used to generate that key pair for you. Here is a session where your own personal private/public key pair is created:
cantin@sodium:~> ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/cantin/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/cantin/.ssh/id_rsa.
Your public key has been saved in /home/cantin/.ssh/id_rsa.pub.
The key fingerprint is:
f6:61:a8:27:35:cf:4c:6d:13:22:70:cf:4c:c8:a0:23 cantin@sodium
The command ssh-keygen -t rsa initiated the creation of the key pair.
No passphrase was entered (Enter key was pressed instead).
The private key was saved in .ssh/id_rsa. This file is read-only and only for you. No one else must see the content of that file, as it is used to decrypt all correspondence encrypted with the public key.
The public key is save in .ssh/id_rsa.pub.
In this case, the content of file id_rsa.pub is
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEArkwv9X8eTVK4F7pMlSt45pWoiakFkZMw
G9BjydOJPGH0RFNAy1QqIWBGWv7vS5K2tr+EEO+F8WL2Y/jK4ZkUoQgoi+n7DWQVOHsR
ijcS3LvtO+50Np4yjXYWJKh29JL6GHcp8o7+YKEyVUMB2CSDOP99eF9g5Q0d+1U2WVdB
WQM= cantin@sodium
It is one line in length.
Its content is then copied in file .ssh/authorized_keys of the system you wish to SSH to without being prompted for a password.
The example shown here generated keys on sodium by user cantin. If the public key generated, file .ssh/id_rsa.pub, was copied to your account, file .ssh/authorized_keys on nickel.sao.nrc.ca, then user cantin@sodium is allowed to SSH into your own account on nickel.sao.nrc.ca without the use of a password.
To summarize, a personal private/public key pair is generated using the ssh-keygen command. The public key is then copied onto a remote systems’ .ssh/authorized_keys file. And you can now SSH to the remote systems’s account without the use of a password.
I’ve moved this to Compu-Bioinfo (it was Uncategorized) to make it easier to find.
If you use PuTTY (a popular client for SSH and other protocols) to log in from Windows you’ll need to
1. generate the keys using PuTTYgen (part of the PuTTY package),
2. copy and paste the public key from the dialog box (NOT the text file produced) to .ssh/authorized_keys in your home folder on zoology.ubc.ca
3. save the public key somewhere sensible and
4. in your PuTTY session, go to Connection>SSH>Auth and browse to the private key that you saved.