Configure a Controller SSH Key

You can set up SSH (Secure Shell) with public/private key pairs so that you do not have to type the password each time you access a Controller machine by SSH. Setting up keys allows scripts and automation processes to access the Controller easily. You can generate DSA or if you want stronger encryption, RSA keys.

Set up SSH Key Pairs Using DSA

  1. Run the ssh command that sets up the key pair:
    % ssh-keygen -t dsa
  2. At the following prompt, press Enter to accept the default key location, or type another: 
    Generating public/private dsa key pair.
Enter file in which to save the key (~/.ssh/id_dsa):
  3. Press return at the password prompt: 
    Enter passphrase (empty for no passphrase):
  4. Press Return again to confirm the password: 
    Enter same passphrase again:

    You should see the following information:

    Your identification has been saved in ~/.ssh/id_dsa
Your public key has been saved in ~/.ssh/id_dsa.pub
The key fingerprint is: <Some really long string>

    If SSH continues to prompt you for your password, verify your permissions in your remote .ssh directory. It should have only your own read/write/access permission (octal 700):

    % chmod 700 ~/.ssh
  5. Open the local ~/.ssh/id_dsa.pub file and paste its contents into the ~/.ssh/authorized_keys file on the remote host.
  6. Update the permissions on the authorized_keys file on the remote host as follows:
    % chmod 600 ~/.ssh/authorized_keys

Set up SSH Key Pairs Using RSA

Run the ssh command that sets up the key pair:

% ssh-keygen -t rsa

The generated files will be named id_rsa and id_rsa.pub, instead of id_dsa and id_dsa.pub.

Otherwise, the remaining steps are identical to those beginning with step 2 in the steps above.