Creating SSH keys

Question

I'm new to this so I hope I don't ask nonsense.

I want to send an SSH command to a remote server without password.

On the local machine we have multiple users.

On the remote machine there is only one user, so I have to connect with that_user@remote_server.

Is it possible to create RSA keys for all the users at local_machine (each user will add it's own) to the one user at remote server?

Thanks,

Yes, it is possible. `man authorized_keys` – Gerald Schneider Jan 05 '17 at 14:36 — Gerald Schneider, Jan 05 '17 at 14:36
@GeraldSchneider `No manual entry for authorized_keys` – Jakuje Jan 05 '17 at 14:47 — Jakuje, Jan 05 '17 at 14:47

score 10 · Accepted Answer · answered Jan 05 '17 at 14:43

10

Yes.

Please create your key on the source system (ssh-keygen -t rsa, for instance), then use the ssh-copy-id command to push it to the remote system.

The following should work for you:

ssh-copy-id that_user@remote_server

answered Jan 05 '17 at 14:43

ewwhite

197,159
92
443
809

Don't forget to mention to create an SSH key per user and push each public key for each user into that_user's `authorized_keys` file on the remote_machine. – Jan 08 '17 at 17:54

score 4 · Answer 2 · answered Jan 05 '17 at 14:39

4

Yes, just run ssh-keygen -t rsa under each user, and then add the contents of ~/.ssh/id_rsa.pub file, or whatever file you chose to contain created ssh key, to the end of ~/.ssh/authorized_keys file in the home directory of the user on the remote server.

answered Jan 05 '17 at 14:39

ralz

2,751
2
17
22

Assuming that all of the systems support it, it's likely better to be using ed25519 keys as opposed to RSA. – EEAA Jan 05 '17 at 16:29

score 3 · Answer 3 · edited Apr 13 '17 at 12:14

3

Yes, it's possible, have a look at this question: SSH public key authentication - can one public key be used for multiple users?

Basically you have to

Create a private/public key pair for each user at local_machine, let's say id_rsa and id_rsa_.pub ; the keys will reside in each users' ~/.ssh/ folder.
append the contents of each user id_rsa.pub into ~/.ssh/authorized_keys on remote-machine. You can do that remotely via

cat /home/newuser/.ssh/id_rsa.pub | ssh user@remote_machine "cat >> ~/.ssh/authorized_keys"

edited Apr 13 '17 at 12:14

Community

1

answered Jan 05 '17 at 14:44

Mike L'Angelo

296
1
8

4

Why is this better than "ssh-copy-id that_user@remote_server"? – Elad Weiss Jan 05 '17 at 14:56
1

@EladWeiss Both ways have their pros and cons. It's easy to use the script but you can't be sure that it added the key correctly (I think the script even tells you that you need to take a look in authorized_keys yourself to make sure the key was added correctly). Some systems (OS X?) doesn't have the script at all, so then you need to add the key manually. – simon Jan 05 '17 at 20:43
1

@EladWeiss The script does more than just copy the key, i.e. changes permissions when it thinks it is needed, see here http://linux.die.net/man/1/ssh-copy-id Matter of fact, I'd rather just copy the key and take care of permissions myself. – Mike L'Angelo Jan 07 '17 at 12:44

Creating SSH keys

3 Answers3