0

Say I have two computers connected to the same Wifi network. Let's call them computer-A & computer-B.

I am using computer-A, I can ping computer-B without issues.

Now, on computer-A, I have generated a new SSH key pair (but not the default id_rsa pair which this computer already have). Let's call the keys : newkey and newkey.pub.

I would like to use ssh-copy-id command to copy the newkey.pub to computer-B.

I get confused at this point, in order to do above thing, does computer-B need to have a previously generated public key of keypair from computer-A in order to establish a SSH connection for the ssh-copy-id to work?

Asking in another way, if computer-B doesn't have any public key at all from computer-A, would ssh-copy-id still work?

I checked this ssh-copy-id doc, I wonder in their example ssh-copy-id -i ~/.ssh/mykey user@host, is that ~/.ssh/mykey a public key or private key?

user842225
  • 101
  • 2

1 Answers1

0

ssh-copy-id uses ssh for connecting. So if there is a key available already, it will use that (in case of multiple identity files). If there is no key, it will ask for a password.

Lacek
  • 7,233
  • 24
  • 28
  • Could you please be more specific? When you say "if there is a key available already", which key? (the public or private one)? available in where? (computer-A or computer-B) in my case? – user842225 Feb 09 '23 at 13:35
  • I mainly want to understand if computer-B doesn't have any key, would `ssh-copy-id` still work on computer-A to move key to computer-B – user842225 Feb 09 '23 at 13:36
  • `ssh-copy-id` will behave exactly as if `ssh` would if you issued the `ssh computer-B` command on computer-A. If `ssh` asks for a password, so will `ssh-copy-id`. If it isn't, `ssh-copy-id` won't either. – Lacek Feb 09 '23 at 14:26
  • This is exactly what confused me, if it is like that, why I see people use `ssh-copy-id` for copy public key to another machine in order to establish SSH connection, if using `ssh-copy-id` is same as using `ssh` it would mean the public key should already in place of the remote machine before using `ssh-copy-id`. Your answer still makes it like a "chicken-egg which one first" confusion to me... I wish I could get an answer explain the point of using `ssh-copy-id` to move public key to another machine for establish SSH connection... I hope you understand the confusion I am having now. – user842225 Feb 09 '23 at 14:53
  • It makes you to enter password only once (during ssh-copy-id) and then use only key based auth, for example. If you don't have any prior means to authenticate to the server somehow (with password, previously transferred key, gssapi, etc.), ssh-copy-id won't work. – Nikita Kipriyanov Feb 09 '23 at 15:07
  • @NikitaKipriyanov , thanks. Do I interpret your answer correctly that in the 1st place, when the remote host doesn't have any SSH public key of my machine, it would use the password authentication to establish the SSH connection (while using `ssh-copy-id`), after which the public key then copied over the network, and then, the connection between my machine and the remote host starts using ssh key authentication to establish SSH connection ? – user842225 Feb 09 '23 at 15:11
  • 1
    Yes, you use password or whatever else is configured once. If key-based auth enabled and ssh-copy-id succeeds, you may start using key-based authentication. – Nikita Kipriyanov Feb 09 '23 at 15:13