ssh-keygen
-- Generates public/private key pair for RSA authentication usage.
ssh-agent -- manages ssh identity keys -- hands keys to an inquiry from
an sshd
ssh-add -- adds private key to ssh-agent's management
ssh -- This is the client side program, similar to rsh and telnet
scp -- This is similiar to rcp
In order to use ssh to the best of its abilities, one needs a public/private key. Simply run:
ssh-keygen
Might want to chose at least the 700+ thing in order for decent security. Choose a good sentence for your pass phrase. Something not easily guessable.
Once your keys are generated they are stored in ~/.ssh/identity.pub and ~/.ssh/identity. I strongly suggest you copy ~/.ssh/identity.pub to ~/.ssh/authorized_keys. In order to provide seamless operation, mimicing rsh/rlogin, one will need to do something similar to:
exec ssh-agent <shell> e.g.
exec ssh-agent /bin/tcsh
ssh-add (it will ask for your passphrase)
And then, once you have your identity.pub key stored in the authorized_keys file for a remote user, one can simply do:
ssh -l <user> <remote host>
or
scp <user>@<remotehost>:/remote/file/location /local/file
scp /local/file <user>@<remotehost>:/remote/file/location
In my .xsession, the last line is:
ssh-agent xterm
Within the xterm, I then run:
ssh-add
<windowmanager>
This allows me to ssh to any machine without having to type my password or passphrase over and over. The ssh-agent stores the public key provided via the ssh-add command and hands it off upon request.
Some users might have ssh-askpass in their .xsession. This is supposed to provide the same functionality as the steps above, but I found that it didn't work as well as I'd hoped. YMMV.
If your identity.pub file/contents are included in a users authorized_keys file, you can log into a remote machine as that user provided you enter your passphrase correctly. A user may have different passphrases and identities as one wants.