For some reason, when I try copying my public key to the server, despite it showing as being successful:
rob@linux044:~$ ssh-copy-id -i /home/rob/Work/Keys/keys.txt.pub !@#$%.com
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/rob/Work/Keys/keys.txt.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '!@#$%.com'"
and check to make sure that only the key(s) you wanted were added.
when I log in and check the two keys I can see clearly they are two different keys. Any idea's what I might be doing incorrectly here?
Well here is something interesting, maybe. I ran ls -l ~/.ssh and there seems to be a few files contained therein: authorized_keys , id_rsa , id_rsa.pub and known_hosts . it would seem my key is being added to the ' authorized_keys ' list but why I wonder is there a file called id_rsa.pub and how do I know which one the host is using. I am still having to enter my password when I ssh onto the network, shouldn't the presence of my public key on that network allow me to log on without a password check?
Also, the authorized_keys file has keys from my other computer and it also has two private keys stored in it?
authorized_keys does not contain private keys. It only contains public keys. The private key should not leave the source system.
---
You can check what's really going on by increasing the debug level. If there's the wrong key deposited with ssh-copy-id there definitely went something wrong.
Try again with:
ssh-copy-id -o LogLevel=DEBUG1 ....
You can increase LogLevel further to DEBUG2 or DEBUG3 for more intense debugging. So you will definitely see what is going on and what file is used, or maybe rejected. If that's still not enough you may use strace , to trace the systemcalls for opening and reading of ssh-copy-id. But I think that won't be necessary.
id_rsa and id_rsa.pub are the default key files when a keypair is generated. These are the key files which are used if nothing is specified.
When the target-servers target-users $HOME/.ssh/authorized_keys does not contain your key (from /home/rob/Work/Keys/keys.txt.pub), it's absolutely clear why key-based auth does not work:
Because your key hadn't been copied or you login with a key that's not permitted.
----
Another Question:
When your public key is /home/rob/Work/Keys/keys.txt.pub. Where's your private key then? Since this is not a standard location you have to configure the Key for the connection to your server.
For example in $HOME/.ssh/config
Host YOUR-SERVER-ALIAS
Hostname FQDN-HOSTNAME-OR-IP-ADDRESS
User TARGET-SYSTEM-USER-NAME
IdentityFile PRIVATE-KEY-FULL-PATH
# Example
Host webserver
Hostname 192.168.10.2
User root
IdentityFile /home/rob/Work/Keys/private-key.txt
Login to your server then via this command:
ssh webserver
Furthermore $HOME/.ssh is a good place to deposit private keys, because it's very restricted by default. And an ssh private key should be protected well from any unauthorized access if possible. And as everybody else says here: Check the permissions!
and there is a rather large text block in that file, why? Is text added here whenever I ssh into a machine? To be clear, I should be storing my key pair's here within the .ssh directory as: id_rsa and id_rsa.pub, is that correct?
