12

I have Ubuntu desktop, and I have been given a PEM file (mykey.pem) that is the SSH private key for a Linux server. I am trying to figure out where this PEM file needs to be placed locally on my machine, and how it can be configured/added to my "SSH known hosts".

Googling this subject matter turns up lots of answers/articles for creating SSH keys, but not for adding an existing key to known hosts. Ideas?

barlop
  • 25,198
smeeb
  • 611

3 Answers

6

I don't know about different types of SSH keys. But you would put the public key on the destination computer, not your private key. Your private key stays private.

And the public key of the source computer should be placed on the dest computer in ~/.ssh/authorized_keys. This can be done manually or via the ssh-keygen command.

I suggest you do cat on the public key on the source computer and cat on authorized_keys on the dest computer and make sure the source's one looks like it is the same format as those in authorized_keys.

The known_hosts file is something which gets appended to automatically. You don't need to edit it manually. You can connect even after deleting the known_hosts file.

EDIT-

To incorporate some of the comments into the answer. The public key comes from the private key. Normally the private key stays private, but the OP was being given a private key, this is unusual, but it's an interesting way of doing it, because it means the dest computer can then already have his public key. So he could log in without having to add anything to the dest computer's authorized_keys. ssh -i always takes a private key. He need only do

ssh -i path/to/privatekeyfile user@dest

The OP is using "openstack", some cloud service, and as the openstack site says (docs.openstack.org/user-guide/content/ssh-into-instance.html):

$ ssh -i MyKey.pem ubuntu@10.0.0.2

So whatever the name of the private key file is, and wherever it is stored, you specify that when doing ssh -i.

barlop
  • 25,198
3

According to the ssh manual:

-i identity_file

Selects a file from which the identity (private key) for public key authentication is read. The default is ~/.ssh/identity for protocol version 1, and ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 and ~/.ssh/id_rsa for protocol version 2.

E.g. $ ssh -i mykey.pem user@host.domain.

You can also add your key to the authentication agent to save you from having to pass the identity file every time you want to connect to the remote server:

ssh-add — adds private key identities to the OpenSSH authentication agent

E.g. after $ ssh-add mykey.pem you can just do $ ssh user@host.domain.

clapas
  • 131
0

Generate a public key from your PEM key:

ssh-keygen -y -f YOUR_PEM_KEY.pem > YOUR_PUBLIC_KEY.pub

cat YOUR_PUBLIC_KEY.pub

Then copy the YOUR_PUBLIC_KEY.pub content and add it to ~/.ssh/authorized_keys

Like this:

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5UuqxCSHJciC7yCKiA9aWLxW YOUR_PEM_KEY
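
Putting the answers together for a key file like the question's mykey.pem, as an added example that is not part of any of the posts above: it stores the private key with the permissions OpenSSH requires, derives the public half with `ssh-keygen -y`, and prints the fingerprint. The function names `install_private_key` and `demo` are hypothetical, and the demo key is a constructed throwaway.

```bash
#!/usr/bin/env bash
# Added example, not from the answers above. Function names are hypothetical
# and the demo key is constructed.

# Install a private key you were handed into an SSH directory (default ~/.ssh),
# lock down its permissions, derive the public half and print the fingerprint.
install_private_key() {
    local src=$1 dir=${2:-$HOME/.ssh} dest copied=0
    dest=$dir/$(basename "$src")
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    # OpenSSH refuses private keys readable by group/other, so store as 0600.
    if [ "$src" -ef "$dest" ]; then
        chmod 600 "$dest" || return 1        # key already lives in $dir
    else
        install -m 600 "$src" "$dest" || return 1
        copied=1
    fi
    # ssh-keygen -y fails when the file is not a usable private key.
    if ! ssh-keygen -y -f "$dest" > "$dest.pub" 2>/dev/null; then
        echo "not a usable private key: $src" >&2
        rm -f "$dest.pub"
        [ "$copied" = 1 ] && rm -f "$dest"   # never delete the caller's original
        return 1
    fi
    # Compare this fingerprint with the one shown by whoever issued the key.
    ssh-keygen -l -f "$dest.pub"
}

# Demo on a constructed throwaway key in a temp directory (never touches ~/.ssh).
demo() {
    local tmp
    tmp=$(mktemp -d) || return 1
    ssh-keygen -q -t ed25519 -N '' -C constructed-demo -f "$tmp/mykey.pem" || return 1
    chmod 644 "$tmp/mykey.pem"               # simulate a key saved with loose permissions
    install_private_key "$tmp/mykey.pem" "$tmp/dot-ssh" || return 1
    echo "connect with: ssh -i $tmp/dot-ssh/mykey.pem user@host.domain"
}

if [ "${1:-}" = "--demo" ]; then demo; fi
```

Run the script with `--demo` to see it on the throwaway key, or source it and call `install_private_key mykey.pem` on the real one.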