Using ssh-copy-id to add your key

Overview:

  • Teaching: 15 min
  • Exercises: 0 min

Questions

  • How do I add my own keys to unmanaged services?
  • Where does ssh store my public key

Objectives

  • Know how to use ssh-copy-id to add your key to a remote service
  • Know that keys are added to ~/.ssh/authorized_keys on the remote system

Copy the public part of the key to the remote host

When you create the key pair two files will be generated, a private key e.g. id_ed25519 (or id_rsa) and the public key id_ed25519.pub (or id_rsa.pub). Your private key should never be copied to different machines, however, in order to use your key pair you do need to copy the public key to the remote machine.

Using you normal login password, add the public part of your key pair to the authorized_keys file on the remote host to which you wish to connect. We can use the utility ssh-copy-id to do this:

ssh-copy-id -i ~/.ssh/id_ed25519.pub [userID]@<hpc-service>

Now you can test that your key pair is working correctly by attempting to connect to the remote host and run a command. You should be asked for your key pair passphase (which you entered when you created the key pair) rather than your remote machine password.

ssh [userID]@<hpc-service> 'date'
Enter passphrase for key '/Home/user/.ssh/id_rsa': [Passphrase]
Wed May  8 10:36:48 BST 2020

We have run date on the remote server to confirm that we have been able to use the key pair, and passphrase to log in.

What is ssh-copy-id doing?

ssh-copy-id is appending the contents of the public part of the key to the remote file ~/.ssh/authorized_keys.

You could also copy and paste your public key into the remote ~/.ssh/authorized_keys but using the provided tool makes this easier.

If you do this make sure that you don't replace existing keys that you want to keep.

Add your public key to the remote service

Linux:

Use ssh-copy-id to the remote service and verify that it works.

If you have used a non-standard name or location you will have to explicitly use the key with:

ssh -i /path/to/id_key_name [userID]@<hpc-service>

Windows

Add your key to the new connection you created under -> connection ->ssh -> auth Private key file for authentication

Key Points:

  • use ssh-copy-id to add your key to a remote service
  • keys are added to ~/.ssh/authorized_keys on the remote system

Previous

Schedule

Next