QuickTip: Make life easier with ssh-copy-id
How many times have you ran through this series of events?
$ cat ~/.ssh/id_dsa.pub
...copy output to clipboard...
$ ssh myhost
...enter password...
myhost$ vi ~./ssh/authorized_keys
...paste public key and save...
myhost$ exit
Thanks to bash's tab completion, I happened upon ssh-copy-id. Instead of all that above, just do this:
$ ssh-copy-id myhost
...enter password...
You're done!
Comments
Alternate method
What about this?
$ scp ~/.ssh/id_dsa.pub remotehost:~/.ssh/authorized_keys
You're essentially
You're essentially overwriting the entire authorized_keys file with your key.
Good point. However, the
Good point. However, the command mentioned above isn't on my company's standard Linux build. How about:
$ cat ~/.ssh/authorized_keys | ssh remotehost 'cat >> ~/.ssh/authorized_keys'
Typo. Should've been: $ cat
Typo. Should've been:
$ cat ~/.ssh/id_dsa.pub | ssh remotehost 'cat >> ~/.ssh/authorized_keys'
My Hero! How have I gone 13
My Hero!
How have I gone 13 year using Linux and not known about this?
Excellent!
DSA/RSA Keys
Hiya Matt,
Consider yourself fortunate that you have not had offshore DBAs opening trouble tickets and howling when they want passwordless access from server to server to transfer files... THEN you might have known it by now.. You bypassed all the aggravation, you lucky guy! 8^)
Hi Ricker, Technically, this
Hi Ricker,
Technically, this is Justin Ellison's blog ( I'm over at http://www.standalone-sysadmin.com ) , but otherwise, yes. That doesn't sound fun! :-)
Good tips, Justin..
Thanks for posting that great info - My comment was not really meant to be for just Matt.. It's a general editorial comment on how some things are learned "under fire".. And I wished to relate it in a humorous way...
DSA/RSA Keys and their maintenance is important, I would like to add that DBA's find no problem with changing permissions using the chmod -R 775 ~/home/Luzer which kills passwordless logins and breaks their secure SCP automations. I have spent more career troubleshooting time in fixing broken passwordless access for silly permission issues than creating the new paths. Guess it goes with the territory!
Cheers..
-rg
A properly configured sshd
A properly configured sshd will also complain about permissions on authorized_keys being world readable if you just scp or copy/paste - and the .ssh dir usually doesn't exist on first login so you'll also need to mkdir and chmod - ssh-copy-id takes care of these for you ;)
A properly configured sshd
A properly configured sshd will also complain about permissions on .ssh/ and .ssh/authorized_keys being world readable if you just scp or copy/paste - and the .ssh dir usually doesn't exist on first login so you'll also need to mkdir and chmod - ssh-copy-id takes care of these for you ;)
solves other problems
Just to say that ssh-copy-id solves for me another problem.
For one user of the remote computer, I have moved the home directory. Probably not in a clean way. Anyway...
I couldn't make the usual RSA-key identification work.
I was surprised that ssh-copy-id did the job straightforwardly.
Happy about this, thanks,
Post new comment