Keypairs and Authorized Keys

To generate a keypair on the client computer:

ssh-keygen -t dsa

This creates the files ~/.ssh/id_dsa and id_dsa.pub (you can set a passphrase but then you’d need to type it in every time you wanted to use it). To add this key to the servers you want to log in to:

cat ~/.ssh/id_dsa.pub | ssh servername “cat >> ~/.ssh/authorized_keys”

You can do this on multiple computers and it should just add to the list, not overwrite. Warning – the .ssh directory must already exist on the remote host or it won’t work…

Setting Default Username for SSH login

Create the file ~/.ssh/config, with the line:

User usernametouse

Using a SSH alias

To set default options for an alias, eg so you can just type ssh aliasname, add the following to ~/.ssh/config:

host aliasname
hostname servername.com
user username

Type man ssh_config for more available options

Update 2013-04-24:

Stopping Timeouts on Virgin Media

For some reason Virgin kills connections that don’t show enough activity, this causes SSH to hang. To fix, add the following to ~/.ssh/config:

Host *
ServerAliveCountMax 600
ServerAliveInterval 10

Using a specific .pem certificate to authenticate

To use a certificate to connect, without installing it as an authorized key on the client, (e.g. for Amazon EC2 in a script):

ssh -i /path/to/certificate.pem servername.com