[Next] [Previous] [Up] [Top] [Contents]
29.4 Setting up the Service
29.4.3 Generating the keys, ssh-keygen
To generate the keys use ssh-keygen. It will populate the files: ~/.ssh/identity and ~/.ssh/identity.pub for the user. If the user is root do this without a passphrase, and then you can copy these to: /etc/ssh_host_key and /etc/ssh_host_key.pub. Then to allow hosts and users to connect you copy the public keys from the remote hosts and users to the comparable files on this host, and for the desired user.
Host: /etc/ssh_host_key.pub Þ /etc/ssh_known_hosts This is required if StrictHostKeyChecking is turned on in sshd_config. If this is not turned on than the user's ~/.ssh/known_hosts file will be updated when they connect to other hosts.
User: ~/.ssh/identity.pub Þ ~/.ssh/authorized_keys
Each user must use ssh-keygen to generate their own unique set of keys. For additional security they should provide a passphrase.
Unix System Administration - 8 AUG 1996
[Next] [Previous] [Up] [Top] [Contents]