Many times in the UN*X world one needs to connect to a remote machine via a command-line interface. The secure shell (ssh) is the preferred way of doing this.

This page describes the generation and deployment of ssh keys. Rather than describing what you're doing, I'll show you exactly what to do. You'll do the work of acquiring and installing software from within the Terminal application, using a web browser only for the testing steps.

I assure you that the UNIX commands I'll direct you to invoke have been taken directly from a Terminal window - these are the commands I just used to do a clean install - rather than having been composed after the fact. This is *exactly* what worked for me. I've taken pains to choose forms of the commands which should make sense to you even if you're new to UNIX.

DSA key generation for ssh protocol version 2

I'm going to skip over the RSA key generation for version 1, as it's not often used anymore.

% ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/Users/mickey/.ssh/id_dsa): Enter passphrase (empty for no passphrase): my#d0g has_fl3a5 Enter same passphrase again: my#d0g has_fl3a5 Your identification has been saved in /Users/mickey/.ssh/id_dsa. Your public key has been saved in /Users/mickey/.ssh/id_dsa.pub. The key fingerprint is: ff:ff:ff:12:2b:c3:7e:91:27:74:d8:ff:11:24:ff:5f mickey@mickey.local %

The keys having been generated, I'm now going to prepare a destination on the remote computer:

% ssh remote Password: LDAP Password: remote % mkdir ~/.ssh remote % ^D  That's a Control-D Connection to remote closed. %

Then, back on my local machine, I copy the generated public key over to the remote machine:

% scp ~/.ssh/id_dsa.pub mickey@remote:~/.ssh/ Password: LDAP Password: id_dsa.pub 100% 609 406.5KB/s 00:00 %

Once again, I go to the remote machine and copy the public key into the authorized_keys2 file: