how do you create an ssh key for another user?

I'm trying to create an ssh key for another user. I'm logged in as root. Can I just edit the files generated by ssh-keygen and change root to the user I want?


Solution 1:

You could do that with ssh-keygen, however, remember that the private key is meant to be private to the user so you should be very careful to keep it safe- as safe as the user's password. Or even safer, as the user is not likely to be required to change it upon first login.

ssh-keygen -f anything creates two files in the current directory. anything.pub is the public key, which you could append to the user's ~/.ssh/authorized_keys on any destination server.

The other file, just called anything is the private key and therefore should be stored safely for the user. The default location would be ~username/.ssh/id_rsa (here named id_rsa, which is default for rsa keys). Remember that the .ssh directory cannot be readable or writeable by anyone but the user, and the user's home directory cannot be writeable by anyone but the user. Likewise, permissions must be tight on the private key, as well: Read/write for only the user, and the .ssh directory and private keyfile must be owned by the user.

Technically you could store the key anywhere. With ssh -i path/to/privatekey you could specify that location, while connecting. Again, proper ownership and permissions are critical and ssh will not work if you don't have them right.

Solution 2:

There's no user information in the SSH keys.

Last field in a public key is a comment (and can be changed by running the following command ssh-keygen -C newcomment).

No need to do anything special to make a key for another user, just put it in the right location and set permissions.