Simon Willison’s Weblog

SSH public key authentication

I’ve been having fun with SSH lately. Did you know you can set up SSH so you can log in to servers without having to provide a password? It’s called “public key authentication” and is apparently more secure than using a normal password. You generate a public/private key using a program called ssh-keygen, and store a copy of the public key on the server(s) you wish to authenticate with. When you attempt to log in, the server sends you a message encrypted with your public key—your machine decrypts it and sends back the original message, proving your identity.

I learnt how to set it up from this PDF file (well, actually the Google HTML conversion). PuTTY on Windows has the same capability but needs to be set up in a very different way—information on that can be found in the excellent PuTTY documentation.

I’m probably the last person on earth to cotton on to this, but it’s so neat I just had to share.

This is SSH public key authentication by Simon Willison, posted on 20th February 2003.

Next: Slow professional suicide

Previous: Python for Java programmers

Previously hosted at