
I'm doing some provisioning work, and it happens that I now need to do something I've never done before that I'm completely stumped on how to do.

I need to be able to generate an ssh key pair (ssh-keygen -t rsa) on one system, let's call it System A, and then transfer that pair to System B & System C in such a way that I can ssh from System B to System C. In other words I need an ssh key pair where I don't actually have to generate the key on any of the systems that will be ssh-ing.

How do I do this?

  • I have to ask, if systems B and C have SSH, why don't you want to generate the keypair on system B? Then you'd only need to copy the public key to C's .ssh/authorized_keys for this to work. – roadmr Jan 29 '15 at 21:07

1 Answer

On system A:

mkdir /tmp/my-keys
cd /tmp/my-keys
ssh-keygen -t rsa -f some-name

It will generate a some-name file containing the private key, and a some-name.pub file containing the public key.

Next, copy the some-name private key to system B (the one you want to connect from). Place it in the .ssh directory for the user you'll connect as. If the user doesn't have an .ssh directory, create it by running ssh-keygen on that system; or, if you don't want to (I think this is your whole point), manually create the directory, copy the some-name file into it, and ensure .ssh has mode 700 and the some-name file has mode 600. Both should be owned by the user in question.

Finally, copy the some-name.pub public key to system C (or any system you want to be able to connect to, from B). Place it in the .ssh directory for the user you'll connect as. Rename it to authorized_keys; this is the list of keys SSH will examine; any private key which matches the given public keys will be allowed to connect.

roadmr
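The placement steps from the answer above, written as shell functions; this is an added example, not part of the original answer. The function names and the home-directory arguments are assumptions, and it goes one step further than the answer by appending to authorized_keys instead of renaming over it, so keys already authorized on system C are kept.

```shell
#!/bin/sh
# Added example. Function names and the directory arguments are assumptions.

# install_private_key KEY HOME: copy KEY into HOME/.ssh (700) as a 600 file.
install_private_key() (
    umask 077                       # nothing is created group/world-readable
    mkdir -p "$2/.ssh" && chmod 700 "$2/.ssh" || exit 1
    dest="$2/.ssh/$(basename "$1")"
    cp "$1" "$dest" && chmod 600 "$dest"
)

# authorize_public_key PUB HOME: add PUB to HOME/.ssh/authorized_keys.
# Appends only if the exact line is absent, so keys already authorized on
# that account are kept and re-running does not duplicate the entry.
authorize_public_key() (
    umask 077
    mkdir -p "$2/.ssh" && chmod 700 "$2/.ssh" || exit 1
    auth="$2/.ssh/authorized_keys"
    touch "$auth" && chmod 600 "$auth" || exit 1
    grep -qxFf "$1" "$auth" || cat "$1" >> "$auth"
)

# perms PATH: the ls-style permission string, e.g. drwx------
perms() { ls -ld "$1" | cut -c1-10; }

# layout_ok HOME FILE: succeed only if HOME/.ssh is 700 and FILE in it is 600.
layout_ok() {
    [ "$(perms "$1/.ssh")" = "drwx------" ] &&
    [ "$(perms "$1/.ssh/$2")" = "-rw-------" ]
}

# key_matches_pub KEY PUB: derive the public key from the private key with
# ssh-keygen -y and compare key type and base64 blob (comments may differ).
key_matches_pub() {
    derived=$(ssh-keygen -y -f "$1" | awk '{print $1, $2}')
    [ -n "$derived" ] && [ "$derived" = "$(awk '{print $1, $2}' "$2")" ]
}
```

Run as root against real home directories, the files still need a chown to the target user, as the answer notes.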