Updated on 03 Oct 2020
SSH is an encrypted protocol used to administer and communicate with servers, and SSH keys let you authenticate over it without a password. You will have a private key (on the client machine), and a corresponding public key on the server.
Some common commands that we are likely to use:
- ssh-keygen - creates a key pair for public key authentication
- ssh-copy-id - configures a public key as authorized on a server
- ssh-add - tool to add a key to the agent
Here are some additional notes to help us with ssh-keys.
add user on remote machine
In this particular example I created an Ubuntu VM called server1. I have updated my local /etc/hosts file so that I can reference server1 and it will know which VM to talk to.
- local Ubuntu (desktop) VM -> A different Ubuntu (server1) VM
On server1, create a new user.
Create the ssh key
In order to communicate without passing usernames and passwords around, we’ll use an ssh-key. On our local machine, and as the jenkins user (which would have been created when you installed Jenkins), create an ssh-key.
This will create a 2048-bit RSA key pair; however, we can pass in the -b 4096 flag to create a larger 4096-bit key if we want.
When we are prompted for a password, we just hit enter (leaving the password field blank).
You can only have one ssh-key at a time. If you already have an existing key, the previous command will overwrite it. This means that any authentication setup you might have with other servers will no longer work!
Your ssh keys are stored in your home folder under .ssh. This is because the ssh keys are linked to your user account.
If you are asked to send the public key, this would be (in my case) the id_rsa.pub file. You can either send that file or the contents of it.
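The notes above leave the key password blank and warn that creating a key again replaces the existing one. The following is an added example, not part of the original notes: it writes the key to its own file with ssh-keygen's -f option, refuses to run if that file already exists, and checks that only the owner can access the private key, since ssh ignores a private key file that group or others can access and a blank-password key has no other protection on disk. The function names safe_keygen and key_perms_ok and the file name id_rsa_server1 are assumptions, and stat -c assumes GNU coreutils as found on Ubuntu.

```sh
# Added example, not from the original page. Function names and the key
# file name in the usage lines are assumptions made for illustration.

# safe_keygen KEYFILE [BITS]
# Create an RSA key pair at KEYFILE without ever replacing an existing key.
# Returns 0 on success, 1 if a key is already there, 2 on any other failure.
safe_keygen() {
    sk_file=$1
    sk_bits=${2:-4096}
    sk_dir=$(dirname "$sk_file")
    if [ -e "$sk_file" ] || [ -e "$sk_file.pub" ]; then
        echo "refusing to overwrite existing key: $sk_file" >&2
        return 1
    fi
    # Create the key directory owner-only if it is missing.
    [ -d "$sk_dir" ] || mkdir -p -m 700 "$sk_dir" || return 2
    # -N "" keeps the blank password used on this page; -f names the file.
    ssh-keygen -q -t rsa -b "$sk_bits" -N "" -f "$sk_file" || return 2
    chmod 600 "$sk_file" || return 2
}

# key_perms_ok KEYFILE
# Returns 0 when group and others have no access to the private key,
# 1 when the mode is too open, 2 when the file cannot be inspected.
key_perms_ok() {
    kp_mode=$(stat -c '%a' "$1") || return 2   # GNU stat, e.g. "600"
    case "$kp_mode" in
        *00|0) return 0 ;;
        *) echo "$1 has mode $kp_mode; run: chmod 600 $1" >&2; return 1 ;;
    esac
}

# Usage (hypothetical key file name; jenkins@server1 is the page's host):
#   safe_keygen ~/.ssh/id_rsa_server1 &&
#   key_perms_ok ~/.ssh/id_rsa_server1 &&
#   ssh-copy-id -i ~/.ssh/id_rsa_server1.pub jenkins@server1
```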
Copy the ssh key to server1
Now we need to copy the public key part of our ssh-key to the other VM, server1.
When we are prompted for the password, this is the password to log in to server1 under the jenkins user. It is not the password for the ssh-key (which we left blank).
There are a couple of things that we can test:
- that we can ssh into server1 from our local Ubuntu
- that we can copy a file from our local Ubuntu to server1
scp -i ~/.ssh/id_rsa test1.txt jenkins@server1:/home/jenkins/
And check that it does exist on server1
rsync -avz test1.txt jenkins@server1:/home/jenkins/
- a is archive. Keeps the file permissions, ownership and timestamps.
- v is verbose. Gives us plenty of feedback on what is happening.
- z is compress. Compresses the file(s) as they are going across.
- r is recursive. Used for copying sub-directories inside directories etc.