ssh-copy-id
use the cmd ssh-copy-id to copy ssh keys to a remote vps
The Short
To run this command, there needs to already be:
- A public key locally
- A user on the remote computer to which to assign the key
ssh-copy-id user@ipv4-address
—
Information
I often use Digital Ocean’s droplet product to host web apps. While there is a user interface console on digitalocean, more efficiently, I’d like to access the server from my local computer’s shell. To accomplish this, a user must be added to the droplet’s OS, and my local computer must be set up to authenticate into that user account. A way to make this happen is Secure Shell Protocol, SSH.
I’ll keep it simple. Let it be understood that on my local computer, I will have a two SSH tokens — a public key and a private key. I will share the public key with any remote computer which I will be accessing via SSH. When I connect to the remote computer, the SSH protocol process checks if the remote host has the public key I shared with it. If it does, the connection is established.
The ssh-copy-id command, run from the terminal, accepts as parameters the remote host’s user and IP address, and copies the local user’s public SSH key onto the remote host. This one-liner is a simplification of a process which would require several steps otherwise.
—
Further
ssh-copy-id [-f] [-n] [-i identity file] [-p port] [-o ssh_option] [user@]hostname
The options have the following meaning:
-f Don’t check if the key is already configured as an authorized key on the server. Just add it. This can result in multiple copies of the key in authorized_keys files.
-i Specifies the identity file that is to be copied (default is ~/.ssh/id_rsa). If this option is not provided, this adds all keys listed by ssh-add -L. Note: it can be multiple keys and adding extra authorized keys can easily happen accidentally! If ssh-add -L returns no keys, then the most recently modified key matching ~/.ssh/id*.pub, excluding those matching ~/.ssh/*-cert.pub, will be used.
-n Just print the key(s) that would be installed, without actually installing them.
-o ssh_option Pass -o ssh_option to the SSH client when making the connection. This can be used for overriding configuration settings for the client. See ssh command line options and the possible configuration options in ssh_config.
-p port Connect to the specified SSH port on the server instead of the default port 22.
-h or -? Print usage summary.
Written: March 29, 2024
Last updated: September 23, 2024
About the Author
Alexa Anderson is an engineer and evangelist with a penchant for making products geared for progress and achievement. When not writing software, Alexa spends her time curating content and sharing her discoveries.