Configuration Example for SSH login using Public-key AuthenticationClient Settings (OpenSSH on MacOSX, Linux, UNIX)
Japanese
Client Settings (OpenSSH on MacOSX, Linux, UNIX)

Last updated on: 2014/10/17
Notice and disclaimer:

At our own initiative, we looked at the SSH login method to a server using public-key authentication from some client platforms.

In this page, we provide an example setting for OpenSSH client on MacOSX, Linus, or Unix.

The illustrations are intended only for the user’s convenience and do NOT represent any endorsement. We do not provide support for these methods because actual behavior strongly depends on each server or client computer. Please forward any question to your server administrator, the network vendor or the developer/distributor.

1: Generate keys

Generate a public key and a private key.

  1. Use the following commands in a shell to generate key-pair.
    For SSH2 RSA
    % ssh-keygen -t rsa
    For SSH2 DSA
    % ssh-keygen -t dsa
  2. You will be asked to enter passphrases. Enter them.

    The keys will be generated in the “.ssh” directory in your home directory.

    Type of keys Public key file (default) Private key file (default)
    SSH2 RSA $HOME/.ssh/id_rsa.pub $HOME/.ssh/id_rsa
    SSH2 DSA $HOME/.ssh/id_dsa.pub $HOME/.ssh/id_dsa

2: Copy the public key to SSH host

If you are not able to perform the following procedures for the reasons that the host you wish to access supports only public key authentication or that it does not support FTP, ask the server administrator to copy your public key file to the host.
  1. Access the host and copy the public key file (such as “id_rsa.pub” or “id_dsa.pub”) to the “.ssh” directory (do not forget the dot) of your home directory (“$HOME/.ssh” or “~/.ssh”).
    • Since it is a public key file, you do not have to worry about transferring method.
    • You need to pay every attention to keep your private key file (such as “id_rsa.pub” or “id_dsa.pub”) confidential.
    • If the “.ssh” directory does not exist in the host computer, please make it. Confirm that the owner of the directory is set as yourself and your group and set the mode as “700”.
  2. Change the name of the public key file to “authorized_keys”. Confirm that the owner of the file is set as yourself and your group, and set mode as “644”.