Ubuntu - Sharing SSH Keys
Sharing your default public key (`~/.ssh/id_rsa.pub) with a remote server is as easy as:
$HOME/.ssh/id_rsa.pub public key file. However, it will also add all of your keys within your SSH agent, which may not be what you want.
You can check your SSH agent by running
ssh-add -l. If you wish to add a specific key, it is best to specify it with the
-i parameter as shown in the examples below.
If you want to use a specific key, then use the following
ssh-copy-id -i /path/to/public/key.pub email@example.com
If you want to use a specific key and a specific port then use the following
ssh-copy-id \ -p $PORT \ -i /path/to/public/key.pub \ firstname.lastname@example.org
If you don't already have an identity, an error will pop up and you will need to run the following before retrying.
Sometimes you need to do things manually, such as when you can only use a key to log into the server and need to add another key. In such situations, just copy the public key (which should look something like below)
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCpPhKCzJUS6RGRza+FudimGKR2RILtShMyN1Gsd0V7r3H1vJ2WwwgMGjUQmow6IyFEFH+1TlbCGDTGxRA82G5+vW3NCbbtkTXyEJsVQ7/QkLqnQL4++BRLhJ5UAzKv84Ohw45VeJPVtW/gAqvB7r4+vcRNPrW3dRW8TVgF9fAi5RdacDXBBGFkSE1IA5mAMqDmiXryn4SlqFqeS4n/jsEFsCmOPo1S67xqp/QsVYyZHjS9jFwxxLuSj/7VT0QuQcU1Q7QWifGM4Rdj8jIboxEoM59Ws9GpeJK94UUX+L8vg8QUp+wiEdQnrzyaTVbu0NtPUdsmynNcM06XWM74E2bT stuart@stu-home-office
... and append it into the
$HOME/.ssh/authorized_keys of the user that you want to use the key to login as.
just an identifier that you can change to be something more memorable. E.g. to let you know what other servers/users are granted
access to the server so that you can remove them at a later date and not accidentally remove the wrong key.
Create Folder / File If Doesn't Exist
It is not uncommon for the folder/file to not exist yet, especially if you just added a fresh user to the system. You can create them with the following commands:
mkdir $HOME/.ssh chmod 700 $HOME/.ssh touch $HOME/.ssh/authorized_keys chmod 700 $HOME/.ssh/authorized_keys
Removing an SSH key from being able to access the server is as easy as removing the appropriate line from the
.ssh/authorized_keys file (or commenting it out with a
#), and then restarting the ssh service with:
sudo service sshd restart
sudo apt remove gnome-keyring.
- Ask Ubuntu - Easiest way to copy ssh keys to another machine
- How do I permanently add an identity for SSH?
- Information Security - Are passwords stored in memory safe?
First published: 16th August 2018