I did not post earlier that the ssh command will automatically search for the default key names i.e id_rsa, id_dsa, id_ecdsa etc, however since your key is named something else it has be a command line option or in the config file.

1 members found this post helpful.

sadly, i have to take a break from testing using box C.
Last night i left box C update some packages and this morning when I woke up i opted for 'overwrite' when asked at the end of slackpkg upgrade-all. Result, I didnt realize that the kernel was also updated and as a result I lost X (and strangely also the wireless). So, i need to fix that also

However, I could learn something about ssh connecting remotely on a different network. I left my work pc on;

would I need to add the outside IP address (of box A) somewhere to this line to copy the key to box A (work pc)

alright then!Box C is back in business.
Time to edit .ssh/config

You would use your work's public IP address and username but there are few more steps required. I believe they were posted previously so maybe it is already configured.

If you want to connect to your work PC from home you need to forward port 22 on your work router/gateway to your work computer's IP address. It would also be advisable to configure a DHCP reservation or static IP address for your work computer.

It would be more secure to copy the public key to a flash drive and copy it to your ~/.ssh/authorized_keys file and be sure to disable your ssh password authentication then using ssh-copy-id. You could copy the private key to and check on the computer itself to verify the keys work.

1 members found this post helpful.

Thank you michaelk

I will definitely copy the key on a flash drive, however I will need to practice the whole port forwarding thing, router to pc.

Still on testing box B to box C, rather than editing the ~/ssh/config i recreated the key pair, on box B, with the option -b 4096 and named it id_rsa. Then ssh-copy-id to box C. All good so far.

I edited 'PasswordAuthentication no' (on both pcs) and tested ssh connection from box B to box C. Now, i am not asked for password but for passphrase. Is this normal?

Then I tried to connect backward (from box C to box B) and i get: permission denied - Do i have to create the key pair on box C also and repeat the ssh-copy-id to box B? (before, i could ssh back&forth when '#PasswordAuthentication no')

I got lost on which help to try first.

I was confused because the only config file i remembered was in /etc/ssh/ (system config) but, after reading the "man ssh_config" i learned that there is a user's config which must be created. So i did, edited it accordingly and when i try ssh box C i get:

Yes, each server's i.e the box you login to needs a public key and the client i.e. the box you run the ssh command needs a private key.

Yes, the passphrase is additional security to protect the private key. When creating keys you can press the enter key when prompted for a passphrase to not use one.

Like everything else config options are case sensitive. It should be IdentifyFile not identifyfile

1 members found this post helpful.

Thanks again.

my ~/.ssh/config
everything is case-correct but it still gives me the error.

but wait!! if the request of passphrase is normal and I can ssh to from box B to box C, why would I need a ~/.ssh/config? in fact, if i get rid of the config file, i connect from B to C without error msgs.

Now the other problem seems connecting backwards from C to B. I have created the key pair on C also and tried to copy the public key to B

The reason for the config file was originally due to your private key file name of homedesktop_rsa but since you created new keys using the default it works without. However, its nice to use a config file because you can save username, hostname and then connect with just the Host as a shortcut.

No need for a separate authorized_keys file. Basically ssh-copy-id appends the public key to the authorized_keys file and there can be multiple keys in the same file.

Is the ssh server running on box B?

1 members found this post helpful.

assuming i would like to get the shortcut also, ~/.ssh/config creates that "line 5" error; so at the moment i'll leave it and when i grasp more of it i'll get a little more technical.

Grrr... I am doing so many things at the same time on two pcs that I had forgotten that i had stopped ssh server on B.

Box B and box C now are friends again with 4096bit encryption keys. GREAT work!

Now i only have left to connect box A to B on a different network and I think I have learned enough to e able to do this successfully tomorrow, but i will let you know.

Thank you.

p.s.: i find this tech stuff fascinating, especially networking!

Sorry. That is a typo. My mistake. It should read IdentityFile. There is an extra F in the misspelled one.

It's a good lesson though. Always double check advise against the manual pages in this case "man ssh_config"

I'll go and edit that post.

1 members found this post helpful.

News from work (box a).

I just learned that i should have copied the key-pair (boyh id_rsa and id_rsa.pub), on my flash drive, and not just id_rsa.pub, to make the authorized key file on box A.

So, i guess i will have the weekend off!

It depends on what you want to test.

You need the private key on the machine you are connecting from and the public key on the machine you are connecting to. If for some reason you need the public key but only kept a copy of the private key you can regenerate the public key using the -y option for ssh-keygen. You can't go the other way around though, you have to have the private key.

i was trying to create the "authorized_keys" file on box A (from flash drive box B key-pairs) and when I it kept on asking for the "id-rsa" file

I understood the private/public keys concept and where they should go/be. Although, I didn't know I could recreate the key on a different machine using -y. Well, I will go to box A tomorrow just to do this (as i am getting excited about it) and finish it.

In the meantime, I created a key-pairs on pc at work (box A) and copied it on flash drive so that once home I could append box-A-public-key to my desktop (box B), and it seems to have worked at first try (i hope, as i cannot know for sure until i test ssh connection between B and A) .

And just because i have a great social life, i think tonight I will spend some time making a config file to make connection easier between all three pc (box A, B and C when they need to talk to each other).

Enjoy the weekend everyone.