Recently, my desktop hard disk crashed. So I reinstalled Linux and created a new set of private RSA keys for authentication. However, two of my remote UNIX servers still uses old DSA keys. I do not remember root password for those servers. I do have backup of private and public DSA keys and currently stored in /backup/home/user/.ssh/id_dsa and /backup/home/user/.ssh/id_dsa.pub. How do I force my ssh clients to use identity file /backup/home/user/.ssh/id_dsa to get back to my remote UNIX servers?
The ssh client allows you to selects a file from which the identity (private key) for RSA or DSA authentication is read. The default is ~/.ssh/identity for protocol version 1, and ~/.ssh/id_rsa and ~/.ssh/id_dsa for protocol version 2. Identity files may also be specified on a per-host basis in the configuration file. It is possible to have multiple -i options (and multiple identities specified in configuration files). The syntax is as follows:
ssh -i /path/to/id_rsa user@server.nixcraft.com ssh -i /path/to/id_dsa user@server2.nixcraft.net.i
To use /backup/home/user/.ssh/id_dsa, enter:
ssh -i /backup/home/user/.ssh/id_dsa user@unixserver1.nixcraft.com
~/.ssh/config SSH Client Configuration
You can set identity file in ~/.ssh/config as follows:
vi ~/.ssh/config
Add both host names and their identity file as follows:
Host server1.nixcraft.com IdentityFile ~/backups/.ssh/id_dsa Host server2.nixcraft.com IdentityFile /backup/home/userName/.ssh/id_rsa
You can add other settings per host such as port number, X11 forwarding, real hostnames and much more. Save and close the file. You can connect as follows:
ssh user@server2.nixcraft.com ssh root@server1.nixcraft.com
Recommended readings:
- See the ssh_config and sshd man page for more information.
You should follow me on twitter here or grab rss feed to keep track of new changes.
Featured Articles:
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012
- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop
{ 3 comments… read them below or add one }
Hi friends, it is good. but i am looking for configuration of Central authentication server for ssh login. If you can kindly let me know how to direct the client for the server and how the key pairs to dealt with and so on.. … … thanks
Thank you, I was looking for this
Thanks, I always forget -i !