How to ssh to remote server using a private key?

I have two servers. Both servers are in CentOS 5.6. I want to SSH from Server 1 to Server 2 using a private key I have (OpenSSH SSH-2 Private Key).

I don’t know how to do it over unix. But what I did on windows using Putty was to feed my OpenSSH private key to putty-gen and generate a private key in PPK format.

However, I would be creating a bash script from server 1 that will execute some commands on server 2 via SSH.

How do I SSH to Server 2 using my private key file from Server 1?

Asked By: Aivan Monceller


Append the public key (id_[rd] for your source machine (where you’re sshing from) to the ~/.ssh/authorized_keys file of the destination server for the username you want to ssh into. If you’ve lost the public key, you’ll want to create a new one with ssh-keygen. Using the default arguments for that should be ok for most purposes. If you need more detailed instructions, there are thousands of tutorials you can google.

Answered By: Kevin

You need your SSH public key and you will need your ssh private key. Keys can be generated with ssh-keygen.
The private key must be kept on Server 1 and the public key must be stored on Server 2.

This is completly described in the manpage of openssh, so I will quote a lot of it. You should read the section ‘Authentication’. Also the openSSH manual should be really helpful:

Please be careful with ssh because this affects the security of your server.

From man ssh:

     Contains the private key for authentication.  These files contain
     sensitive data and should be readable by the user but not acces-
     sible by others (read/write/execute).  ssh will simply ignore a
     private key file if it is accessible by others.  It is possible
     to specify a passphrase when generating the key which will be
     used to encrypt the sensitive part of this file using 3DES.

     Contains the public key for authentication.  These files are not
     sensitive and can (but need not) be readable by anyone.

This means you can store your private key in your home directory in .ssh. Another possibility is to tell ssh via the -i parameter switch to use a special identity file.
Also from man ssh:

 -i identity_file
     Selects a file from which the identity (private key) for RSA or
     DSA authentication is read.  The default is ~/.ssh/identity for
     protocol version 1, and ~/.ssh/id_rsa and ~/.ssh/id_dsa for pro-
     tocol version 2.  Identity files may also be specified on a per-
     host basis in the configuration file.  It is possible to have
     multiple -i options (and multiple identities specified in config-
     uration files).

This is for the private key. Now you need to introduce your public key on Server 2. Again a quote from man ssh:

         Lists the public keys (RSA/DSA) that can be used for logging in
         as this user.  The format of this file is described in the
         sshd(8) manual page.  This file is not highly sensitive, but the
         recommended permissions are read/write for the user, and not
         accessible by others.

The easiest way to achive that is to copy the file to Server 2 and append it to the authorized_keys file:

scp -p user@host:
ssh user@host
host$ cat >> ~/.ssh/authorized_keys

Authorisation via public key must be allowed for the ssh daemon, see man ssh_config. Usually this can be done by adding the following statement to the config file:

PubkeyAuthentication yes
Answered By: echox

The first thing you’ll need to do is make sure you’ve run the keygen command to generate the keys:

ssh-keygen -t rsa

Then use this command to push the key to the remote server, modifying it to match your server name.

cat ~/.ssh/ | ssh user@hostname 'cat >> .ssh/authorized_keys'
Answered By: Anubhav Singh

I used ssh with -i option to add your key here.

If you want to pass arg1,arg2 with .sh file, just pass it after .sh file and use a use space to separate it.

ssh -i home/avr/new.pem ar@ "/var/www/beta/ mmin 30"

Answered By: Avinash Raut

ssh-copy-id — use locally available keys to authorise logins on a remote machine

Use ssh-copy-id on Server 1, assuming you have the key pair (generated with ssh-keygen):

ssh-copy-id -i ~/.ssh/id_rsa user@server2_hostname

Now you should be able to ssh into Server 2 with ssh using the private key

ssh -i ~/.ssh/id_rsa user@server2_hostname

Indeed, if you check cat ~/.ssh/authorized_keys on Server 2, you’ll see the public key is appended for you.

Answered By: Sida Zhou
Categories: Answers Tags: ,
Answers are sorted by their score. The answer accepted by the question owner as the best is marked with
at the top-right corner.