Needs a clarification for the ssh-copy-id command

user842225

2/9/24, 1:14 PM

Say I have two computers connected to the same Wifi network. Let's call them computer-A & computer-B.

I am using computer-A, I can ping computer-B without issues.

Now, on computer-A, I have generated a new SSH key pair (but not the default id_rsa pair which this computer already have). Let's call the keys : newkey and newkey.pub.

I would like to use ssh-copy-id command to copy the newkey.pub to computer-B.

I get confused at this point, in order to do above thing, does computer-B need to have a previously generated public key of keypair from computer-A in order to establish a SSH connection for the ssh-copy-id to work?

Asking in another way, if computer-B doesn't have any public key at all from computer-A, would ssh-copy-id still work?

I checked this ssh-copy-id doc, I wonder in their example ssh-copy-id -i ~/.ssh/mykey user@host, is that ~/.ssh/mykey a public key or private key?

200

1 + 0

ssh

ssh-keys

Score:0

Server

Lacek

2/9/24, 1:32 PM

ssh-copy-id uses ssh for connecting. So if there is a key available already, it will use that (in case of multiple identity files). If there is no key, it will ask for a password.

+ 7

user842225

2/9/24, 1:35 PM

Could you please be more specific? When you say "if there is a key available already", which key? (the public or private one)? available in where? (computer-A or computer-B) in my case?

user842225

2/9/24, 1:36 PM

I mainly want to understand if computer-B doesn't have any key, would `ssh-copy-id` still work on computer-A to move key to computer-B

Lacek

2/9/24, 2:26 PM

`ssh-copy-id` will behave exactly as if `ssh` would if you issued the `ssh computer-B` command on computer-A. If `ssh` asks for a password, so will `ssh-copy-id`. If it isn't, `ssh-copy-id` won't either.

user842225

2/9/24, 2:53 PM

This is exactly what confused me, if it is like that, why I see people use `ssh-copy-id` for copy public key to another machine in order to establish SSH connection, if using `ssh-copy-id` is same as using `ssh` it would mean the public key should already in place of the remote machine before using `ssh-copy-id`. Your answer still makes it like a "chicken-egg which one first" confusion to me... I wish I could get an answer explain the point of using `ssh-copy-id` to move public key to another machine for establish SSH connection... I hope you understand the confusion I am having now.

Nikita Kipriyanov

2/9/24, 3:07 PM

It makes you to enter password only once (during ssh-copy-id) and then use only key based auth, for example. If you don't have any prior means to authenticate to the server somehow (with password, previously transferred key, gssapi, etc.), ssh-copy-id won't work.

user842225

2/9/24, 3:11 PM

@NikitaKipriyanov , thanks. Do I interpret your answer correctly that in the 1st place, when the remote host doesn't have any SSH public key of my machine, it would use the password authentication to establish the SSH connection (while using `ssh-copy-id`), after which the public key then copied over the network, and then, the connection between my machine and the remote host starts using ssh key authentication to establish SSH connection ?

Nikita Kipriyanov

2/9/24, 3:13 PM

Yes, you use password or whatever else is configured once. If key-based auth enabled and ssh-copy-id succeeds, you may start using key-based authentication.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Needs a clarification for the ssh-copy-id command

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.