The procedure has a couple of errors. First, don't create the .ssh directory. ssh-keygen will do this for you automatically.
After ssh-keygen is finished, there will be a private and public file (key) in the .ssh directory. Be sure to check the permission for .ssh (should be 700) and the 2 keys (must be 600, never 7-anything).
While you can copy the public file, don't put it in .ssh. In fact, if you know how to handle long lines in vi, simply cat the public key file and copy-paste the contents into the .ssh/authorized_keys file. If authorized_keys does not exist, create it as a new file. Make sure the key has exactly 3 parts on *ONE* line. The parts are:
ssh-dss oneLongLineWithNOspaces source-comments-like-date-and-hostname
If you ftp the public key file to the remote system, be sure to store it in /tmp, then remember to delete it after the authorized_keys file has been updated. Always append (as mentioned above) to authorized_keys, and make sure the file is 600 permission. Also make sure that $HOME for this user is 755 or 750 and owned by the user.
Here is a partial example:
ssh-dss AAAAB3NzaC1kc3MAAAEBANoipziH5FRgwBLPyS... root@bh2-11.11 dsa
Lines that do not conform are silently ignored.
Now test the result with ssh and if you are asked for a password, the public key is not correct and you'll need to use ssh -VVV remote-server and post the results.
Bill Hassell, sysadmin
