[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Where do you run ssh-keygen, server or client.

Alan Chandler wrote:
Jochen Schulz wrote:
Nathaniel Homier:
I have 1 desktop computer (we will call it son) and it runs a ssh
server.  When I visit my mothers house I would like to be able to access
(son) from my mothers computer (we will call it mom).  I have setup the
ssh server on (son) to use key based authentication.  Now the question
is, do I run ssh-keygen on (son) or on (mom)?  What I have done is, on
(son) is to:
$ssh-keygen -t dsa
$cd .ssh
$cat id_dsa.pub >> ~/.ssh/authorized_keys
This only allows you to run 'ssh localhost' on son. You could use the
same key (id_dsa + id_dsa.pub) from any other computer and do the same
but I always generate a keypair per machine.

It doesn't matter where you generate the key. The important thing is to
put the contents of id_dsa.pub into the authorized_keys file on the
To be clear, you also have to ensure the private part of the key (id_dsa)
is accessible by the client. This name of the file is defined in
/etc/ssh/ssh_config (and effectively defines ~/.ssh/id_dsa as the file).

You can also define a local name for a remote machine and non standard key
files - I regularly SSH into a server I am responsible for on the other
side of the world (melindasbackups.com), and you then put an entry in

I access a host with

ssh mb

This is what is in my config file

Host mb
 HostName melindasbackups.com
 User melindas
 IdentityFile ~/.ssh/melindas_ssh_access_key

Thank you for the good info, you have made it clear.


Reply to: