ssh Key Generation and Installation

  1. ON THE CLIENT MACHINE, generate a key pair for yourself consisting of a private key (to reside on the client machine) and a public key (to be placed on the server machine). To accomplish this, type "ssh-keygen" at the Unix prompt. When prompted for a file in which to save the key, accept the default filename of "identity" to reside in ~/.ssh. When asked to enter a passphrase, enter the secret phrase that you wish to use to protect your private key. Two files will be created on the client machine: "identity" and "identity.pub".
  2. ON THE SERVER MACHINE, install the public key by placing the contents of the previously generated public key file ("identity.pub") into a file named ~/.ssh/authorized_keys in your account on the server machine. If this file already exists, append the contents of your public key to the end of the existing authorized_keys file.
  3. ON THE CLIENT MACHINE, it is important to protect the private key that you generated so that only you have access to it. To accomplish this, change the protection on the file containing the private key by typing "chmod 600 ~/.ssh/identity" at the Unix prompt.
  4. ON THE SERVER MACHINE, it is important that only you have write privilege on the .ssh directory and the authorized_keys file. To accomplish this, you'll want to type "chmod 755 ~/.ssh" and "chmod 644 ~/.ssh/authorized_keys" at the Unix prompt on the server machine.

Once these steps are complete, you will be able to log on to the server machine using your passphrase rather than your password. This is much more secure, as neither your passphrase nor your password is ever passed over the network. The passphrase is only used on the client machine to unlock the "authenticator" on the client machine, which enters into a conversation with the server machine to grant you access.
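
Steps 2 through 4 can be scripted so that the key is appended only once and the permissions can be checked afterwards. The following is an added example, not part of the original instructions; the function names install_pubkey, private_key_ok and only_owner_writes are hypothetical, and the file and directory paths are passed in as arguments.

```shell
#!/bin/sh
# Added example: server-side key install (step 2) and the permission
# checks behind steps 3 and 4. Function names are hypothetical.

# install_pubkey PUBFILE SSHDIR
# Append the key in PUBFILE to SSHDIR/authorized_keys unless that exact
# line is already there, then apply the modes given in step 4.
install_pubkey() {
    pub=$1
    dir=$2
    auth="$dir/authorized_keys"
    [ -s "$pub" ] || { echo "no public key at $pub" >&2; return 1; }
    mkdir -p "$dir" || return 1
    touch "$auth" || return 1
    # -x whole line, -F fixed string, -f patterns from file: skip duplicates
    if ! grep -qxF -f "$pub" "$auth"; then
        # If the existing file lacks a final newline, add one first so the
        # new key does not get glued onto the previous entry.
        if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then
            echo >> "$auth"
        fi
        cat "$pub" >> "$auth"
    fi
    chmod 755 "$dir" && chmod 644 "$auth"
}

# private_key_ok PATH
# True if group and other have no access at all (mode 600 from step 3).
private_key_ok() {
    case "$(ls -ld -- "$1" | cut -c5-10)" in
        ------) return 0 ;;
        *) return 1 ;;
    esac
}

# only_owner_writes PATH
# True if neither group nor other has write permission (step 4).
only_owner_writes() {
    # Mode string columns: 1 type, 2-4 user, 5-7 group, 8-10 other.
    case "$(ls -ld -- "$1" | cut -c1-10)" in
        ?????-??-?) return 0 ;;
        *) return 1 ;;
    esac
}
```

On the server, after copying identity.pub over, source the file and run: install_pubkey identity.pub ~/.ssh. On the client, private_key_ok ~/.ssh/identity confirms the result of step 3.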