SSH with passphrase
The following recipe works on both Mac OSX and Linux.
Suppose you want to connect to gemini.science.uu.nl from another computer A, where you are logged in as user a.
First log in on computer A as user a and generate a pair of authentication keys (substitute the correct username and machinename for a and A); open Terminal:
A:~ a$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/Users/a/.ssh/id_rsa): Created directory '/Users/a/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /Users/a/.ssh/id_rsa. Your public key has been saved in /Users/a/.ssh/id_rsa.pub. The key fingerprint is: 95:9f:a5:6a:d0:2d:82:68:6f:9c:c5:38:20:e4:e5:7c a@A.phys.uu.nl
Now use ssh to create a directory ~/.ssh on gemini.science.uu.nl using your own solisid and password (the directory may already exist)
A:~ a$ ssh yoursolisid@gemini.science.uu.nl mkdir –p .ssh yoursolisid@gemini.science.uu.nl's password:
Finally append a’s new public key to yoursolisid@gemini.science.uu.nl:.ssh/authorized_keys2
and enter password for yoursolisid@gemini.science.uu.nl (not the passphrase)
A:~ a$ cat .ssh/id_rsa.pub | ssh yoursolisid@gemini.science.uu.nl 'cat >> .ssh/authorized_keys2' yoursolisid@gemini.science.uu.nl's password:
From now on you can log into gemini.science.uu.nl from A with passphrase (image on right for Mac OSX only).
A:~ A$ ssh yoursolisid@gemini.science.uu.nl Last login: Wed Sep 18 12:41:48 2013 from A.phys.uu.nl ********************************************************************* * Welcome to gemini.science.uu.nl * * <..> * ******************************************************************** -bash-3.2$
Change the permissions of .ssh to 700
-bash-3.2$ chmod 700 .ssh
Change the permissions of .ssh/authorized_keys2 to 600
-bash-3.2$ chmod 600 .ssh/authorized_keys2
Add (or adjust) the following two settings in the .ssh/config file:
ServerAliveInterval 20 TCPKeepAlive yes