20.3.4.2. Generating a DSA Key Pair for Version 2
Use the following steps to generate a DSA key pair for version 2 of the SSH Protocol.
- To generate a DSA key pair to work with version 2 of the protocol, type the following command at a shell prompt:
ssh-keygen -t dsaAccept the default file location of~/.ssh/id_dsa. Enter a passphrase different from your account password and confirm it by entering it again.Note
A passphrase is a string of words and characters used to authenticate a user. Passphrases differ from passwords in that you can use spaces or tabs in the passphrase. Passphrases are generally longer than passwords because they are usually phrases instead of a single word.The public key is written to~/.ssh/id_dsa.pub. The private key is written to~/.ssh/id_dsa. It is important never to give anyone the private key. - Change the permissions of the
.sshdirectory with the following command:chmod 755 ~/.ssh - Copy the contents of
~/.ssh/id_dsa.pubinto the file~/.ssh/authorized_keyson the machine to which you want to connect. If the file~/.ssh/authorized_keysexist, append the contents of the file~/.ssh/id_dsa.pubto the file~/.ssh/authorized_keyson the other machine. - Change the permissions of the
authorized_keysfile using the following command:chmod 644 ~/.ssh/authorized_keys - If you are running GNOME, skip to Section 20.3.4.4, “Configuring
ssh-agentwith GNOME”. If you are not running the X Window System, skip to Section 20.3.4.5, “Configuringssh-agent”.
