Setting up ssh keys

It’s often useful to set up ssh keys when working with several servers in the department. This guide will walk you through setting up the keys on your local machine.

NOTE: if you are logging in from somewhere other than the USF campus, you will need to either

First, we need to be able to reach the CS network. If you can already run:

ssh cs-username@stargate.cs.usfca.edu

…and log in without entering a password, then you can move on to (2) Between Servers Within USF CS.

Do you already have an ssh key?

Start by running ssh-keygen. If you see the following:

[matthew@silicon:~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/matthew/.ssh/id_rsa): (press enter)
/Users/matthew/.ssh/id_rsa already exists.
Overwrite (y/n)? n

Then you don’t need to create the key. Enter n to quit ssh-keygen.

Otherwise…

# If the key doesn't already exist, the output from ssh-keygen will look like
# the following. Just hit <enter> for each of the prompts to accept the defaults!
[matthew@silicon:~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/matthew/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/matthew/id_rsa.
Your public key has been saved in /Users/matthew/id_rsa.pub.
The key fingerprint is:
...
(fingerprint and randomart image display)
...

Copying the key to the CS network

# Now we need to copy our public key to the CS network.
[matthew@silicon:~]$ ssh-copy-id cs-username@stargate.cs.usfca.edu
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/matthew/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
mmalensek@stargate.cs.usfca.edus password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'mmalensek@stargate.cs.usfca.edu'"
and check to make sure that only the key(s) you wanted were added.

[matthew@silicon:~]$ ssh stargate.cs.usfca.edu
Last login: Wed Jan 23 22:00:31 2019 from 75.25.144.132
[stargate:~]$ # hooray! It didn't ask for a password.

(2) Between Servers Within USF CS

The next thing we need to be able to do is jump between servers inside the CS network. If you can ssh gojira from stargate without typing your password, you can skip this step.

# Once again, the defaults (just hitting enter) are fine.
[mmalensek@stargate]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home4/mmalensek/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home4/mmalensek/.ssh/id_rsa
Your public key has been saved in /home4/mmalensek/.ssh/id_rsa.pub
The key fingerprint is:
...
(fingerprint and randomart image display)
...

[mmalensek@stargate]$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
[mmalensek@stargate]$ chmod 700 ~/.ssh
[mmalensek@stargate]$ chmod 600 ~/.ssh/authorized_keys

Since our lab machines have shared home directories, you can now log into any of the machines in the department without a password.

Transferring Files

You can also use the scp utility to copy files via ssh. The basic usage looks like:

scp local-file.txt mmalensek@stargate.cs.usfca.edu:

Don’t forget the trailing : character. This tells scp to store the file in your home directory. You can also specify a remote file name, or store in a particular folder/directory:

scp local-file.txt mmalensek@stargate.cs.usfca.edu:other-name.txt
scp local-file.txt mmalensek@stargate.cs.usfca.edu:my_great_dir/subdirectory/