How do I copy a public key?

You can copy a public key to a remote server using the ssh-copy-id command, which simplifies the process of securely transferring your public key for passwordless SSH login.

Here's how to do it:

1. Use the ssh-copy-id command: Open your terminal and use the following command, replacing remote_user with your username on the remote server and host with the server's address (IP address or hostname):

   ssh-copy-id remote_user@host

2. Enter the password: The command will prompt you for the password of the remote_user on the host. Enter the correct password when prompted.

3. Verification: After successful execution, the ssh-copy-id command appends your public key (typically found in ~/.ssh/id_rsa.pub) to the ~/.ssh/authorized_keys file on the remote server. You should now be able to SSH into the remote server without entering a password.

Explanation:

• ssh-copy-id: This is a utility that simplifies the process of copying your public key to the remote server's authorized_keys file.

• remote_user@host: This specifies the username and address of the remote server. Replace remote_user with the actual username you use to log in to the server, and host with the server's hostname or IP address.

• ~/.ssh/id_rsa.pub: This is the default location for your public key. If your public key is stored in a different location, you can specify it using the -i option. For example: ssh-copy-id -i ~/.ssh/my_key.pub remote_user@host

• ~/.ssh/authorized_keys: This file on the remote server stores the public keys that are authorized to log in to the account without a password.

Alternative Method (Manual):

If ssh-copy-id is not available (rare), you can manually copy the key:

1. Copy the public key to the clipboard:

   cat ~/.ssh/id_rsa.pub

   Select and copy the output to your clipboard.

2. SSH into the remote server:

   ssh remote_user@host

3. Append the public key to authorized_keys:

   • If the ~/.ssh directory or ~/.ssh/authorized_keys file does not exist, create them:

     mkdir -p ~/.ssh
     chmod 700 ~/.ssh
     touch ~/.ssh/authorized_keys
     chmod 600 ~/.ssh/authorized_keys

   • Append the copied public key to the ~/.ssh/authorized_keys file:

     echo "PASTE_YOUR_PUBLIC_KEY_HERE" >> ~/.ssh/authorized_keys

     Replace PASTE_YOUR_PUBLIC_KEY_HERE with the content you copied in step 1. Make sure to paste the entire key on a single line.

4. Secure the SSH directory and authorized_keys file

   • The .ssh directory should have permissions of 700 and the authorized_keys file permissions of 600. Ensure this by running the following commands:

     chmod 700 ~/.ssh
     chmod 600 ~/.ssh/authorized_keys

5. Test the connection: Exit the SSH session and try to SSH back into the server. You should now be able to log in without a password.

Security Considerations:

• Ensure that the permissions on the .ssh directory and authorized_keys file are correctly set. Incorrect permissions can prevent SSH login or, worse, introduce security vulnerabilities.

• Avoid copying your private key (id_rsa). Only the public key (id_rsa.pub) should be copied to remote servers.

By using ssh-copy-id or the manual method outlined above, you can easily and securely copy your public key to a remote server and enable passwordless SSH login.