Ubuntu - Sharing SSH Keys

Sharing keys on Ubuntu is as easy as:

ssh-copy-id user@hostname.domain.com

If you want to use a specific key, then use the following

ssh-copy-id -i [PUBLIC KEY FILE] user@hostname.domain.com

If you don't already have an identity, an error will pop up and you will need to run the following before retrying.

ssh-keygen

This grants yourself non-password access to the remote machine, not the other way around!

Always use a passphrase on your keys to prevent them being useful to malicious users who compromise your servers. Tools like ansible will realize if a key requires a passphrase to use and will automatically prompt you.

Manual Method

Sometimes you need to do things manually, such as when you can only use a key to log into the server and need to add another key. In such situations, just copy the public key (which should look something like below)

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCpPhKCzJUS6RGRza+FudimGKR2RILtShMyN1Gsd0V7r3H1vJ2WwwgMGjUQmow6IyFEFH+1TlbCGDTGxRA82G5+vW3NCbbtkTXyEJsVQ7/QkLqnQL4++BRLhJ5UAzKv84Ohw45VeJPVtW/gAqvB7r4+vcRNPrW3dRW8TVgF9fAi5RdacDXBBGFkSE1IA5mAMqDmiXryn4SlqFqeS4n/jsEFsCmOPo1S67xqp/QsVYyZHjS9jFwxxLuSj/7VT0QuQcU1Q7QWifGM4Rdj8jIboxEoM59Ws9GpeJK94UUX+L8vg8QUp+wiEdQnrzyaTVbu0NtPUdsmynNcM06XWM74E2bT stuart@stu-home-office

... and append it into the $HOME/.ssh/authorized_keys of the user that you want to use the key to login as. Note that this is a single line that will look like an entire paragraph with the wrapping. The bit at the end such as stuart@stu-home-office is just an identifier that you can change to be something more memorable. E.g. to let you know what other servers/users are granted access to the server so that you can remove them at a later date and not accidentally remove the wrong key.

References

• Ask Ubuntu - Easiest way to copy ssh keys to another machine
• How do I permanently add an identity for SSH?
• Information Security - Are passwords stored in memory safe?