SSH is great for secure remote access and if you happen to connect to multiple machines then you will need multiple keys, especially if you are doing a password-less connection. Here is how to keep all your certificates nice and tidy.
First, create the new keys
[user@client]$ ssh-keygen -t rsa -f ~/.ssh/id_rsa.server1 -C "Key for Server1" Generating public/private rsa key pair. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/user/.ssh/id_rsa.server1. Your public key has been saved in /home/user/.ssh/id_rsa.server1.pub. The key fingerprint is: 5f:70:50:e8:81:14:bf:41:b7:fb:0d:be:75:b9:42:9f user@client.domain.com The key's randomart image is: +--[ RSA 2048]----+ | .ooooo | | .ooo . | | .+.o | | .= . | | S . o . | | . . + o.| | . . +.=| | . Eo| | o. | +-----------------+
Do the same for server2
Now you should have the following files in your .ssh dir
id_rsa.server1
id_rsa.server1.pub
id_rsa.server2
id_rsa.server2.pub
Now create an SSH config file
[user@client]$ touch ~/.ssh/config
[user@client]$ chmod 600 ~/.ssh/config
[user@client]$ vi ~/.ssh/config
Host server1.domain.com
IdentityFile ~/.ssh/id_rsa.server1
User user1
Host server2.domain.com
IdentityFile ~/.ssh/id_rsa.server2
User user2
Now copy the public keys to their respective servers, and add them to the authorized keys file.
[user@client]$ scp ~/.ssh/id_rsa.server1 user1@server1.domain.com [user@client]$ ssh user1@server1.domain.com 'cat ~/.ssh/id_rsa.server1 >> ~/.ssh/authorized_keys' [user@client]$ ssh user1@server1.domain.com 'chmod 600 ~/.ssh/authorized_keys'
Do the same for server2
Now you can connect to server1 or server2 using the correct key and not have to enter a password. If you attempt to connect using a different username or from a different machine, you will need to use the user’s password. Also if you attempt to connect to a machine not listed in the config, then it will default to id_rsa (or id_dsa).
References:
SSH_CONFIG Man Page
Leave a Reply
You must be logged in to post a comment.