I recommend that this key pair be specifically intended for access to Lick, but it is permissible to use the default ssh identity. In either case, we strongly request that the RSA private key for this ssh identity be protected using a passphrase. We have no means of enforcing this request, but we do ask that it be done.
For the purposes of this document we will presume that the ssh
identity has been given the name
lickkey. The private
key for the identity would thus be named
~/.ssh/authorized_keysfile on machines at Lick.
In the example above this would mean that the
~/.ssh/lickkey.pub file is sent, perhaps via e-mail,
perhaps via scp.
First, ssh-agent must be started. Power users of ssh will already have modified their login or X session startup files to incorporate the agent as a natural part of their daily computing practice. I have some tips on the use of ssh-agent, but see the man page for full details.
Then ssh-add must be used to authorize the agent to hold the private key for the ssh identity. In this example the command would be