SSH'ing Into a New Computer

Every so often you may be given a username and password to login to a new machine. You could simply type in the username and password every time you want to ssh into a new machine, or you could automate it with ssh-copy-id and a ~/.ssh/config file. The great part about this tutorial is all commands are done from the client. Only at the very end do you issue commands on the remote to make sure it is working.

Terminology

Symmetric Key -- A secret number, that is used to encrypt/decrypt messages
Asymmetric Key -- A Public/Private Key pair, where a message encrypted by one key can be decrypted by the other, and visa-versa.
Private Key -- A key you keep to yourself, on a computer you trust.
Public Key -- A key you give to everyone so they can trust further messages come from you. A public key is normally allow-listed as a trusted "identity".
Client -- The computer you are connecting from, typically your laptop/home computer. Holds the private key.
Remote/Host -- The computer you are connecting to, typically a server that runs sshd, where access to a user is determined by a list of trusted public keys user@remote:~/.ssh/authorized_keys

Step 1: Generate a SSH Keypair

Run ssh-keygen. I usually use the name of the client, the username, and the YYYY-MM-DD date as the name of the keypair. eg: ~/.ssh/mbp13-dbernadett-2019-09-03 (having an iterating version number instead of a date is also a good choice)

I usually leave the password blank. Having a password can make scripting/automation with ssh a nightmare (allowing a cron job to git-pull). However, if you think someone will get access to the key (laptop left open/stolen), it is better to have a password.

david$ cd ~/.ssh
david$ ssh-keygen

This will output both a private key <name> and a public key <name>.pub

Step 2: Add new machine to ~/.ssh/config

david$ <your_favorite_text_editor> ~/.ssh/config

This is an example of my config file.

Host csil
    Hostname csil-10.cs.ucsb.edu
    User helique
    Port 22
    ServerAliveInterval 180
IdentityFile ~/.ssh/mbp13

Host github.com
    Hostname github.com
    User git
    Port 22
IdentityFile ~/.ssh/mbp13

Host -- the name you want to use to ssh into the computer. eg. `ssh csil` vs `ssh csil-10.cs.ucsb.edu`
Hostname -- the IP address or domain name of the computer.
User -- your username on the remote computer
Port -- the port to connect to on the remote computer. 22 is standard for ssh, but sometimes it is different.
ServerAliveInterval -- sends a message every n seconds. Useful to keep csil from kicking you off
IdentityFile -- The private key to use for access, on the client computer

Step 3: SSH-COPY-ID your Public

ssh-copy-id is a convenient tool to copy your public key to another computers authorized_keys file

david$ ssh-copy-id -i ~/.ssh/<name>.pub <host>

This should prompt you for a password, tell you the key has been updated, and then encourage you to ssh into the host to make sure it works

david$ ssh <host>

If the computer you are ssh'ing into does not allow passwords, you will either have to already have ssh access via a key, or will have to ask the admin to install your public key for you.