Re: Where do you run ssh-keygen, server or client.
Alan Chandler wrote:
Jochen Schulz wrote:
I have 1 desktop computer (we will call it son) and it runs a ssh
server. When I visit my mothers house I would like to be able to access
(son) from my mothers computer (we will call it mom). I have setup the
ssh server on (son) to use key based authentication. Now the question
is, do I run ssh-keygen on (son) or on (mom)? What I have done is, on
(son) is to:
$ssh-keygen -t dsa
$cat id_dsa.pub >> ~/.ssh/authorized_keys
This only allows you to run 'ssh localhost' on son. You could use the
same key (id_dsa + id_dsa.pub) from any other computer and do the same
but I always generate a keypair per machine.
It doesn't matter where you generate the key. The important thing is to
put the contents of id_dsa.pub into the authorized_keys file on the
To be clear, you also have to ensure the private part of the key (id_dsa)
is accessible by the client. This name of the file is defined in
/etc/ssh/ssh_config (and effectively defines ~/.ssh/id_dsa as the file).
You can also define a local name for a remote machine and non standard key
files - I regularly SSH into a server I am responsible for on the other
side of the world (melindasbackups.com), and you then put an entry in
I access a host with
This is what is in my config file
Thank you for the good info, you have made it clear.