ubuntu:ssh:creating_public_private_key_authentication_for_ssh
Table of Contents
Ubuntu - SSH - Creating public/private key authentication for SSH
To ensure the security of the connection when using SSH is by using public/private SSH keys, because passwords are not passed across the network and the system is resistant to attacks by “brute force”.
On the local machine
Create a .ssh directory
mkdir ~/.ssh
Create the SSH keys
Using RSA:
ssh-keygen -t rsa
or using DSA (Digital Signing Algorithm):
ssh-keygen -t dsa
When asked for a pass phrase leave blank, since our purpose is to automate things.
Two files in the .ssh directory: id_dsa and id_dsa.pub. The pub file has the public key and will be placed on the remote server.
Copy the public key to the remote server
Copy the id_dsa.pub file to the remote server via SCP:
scp ~/.ssh/id_dsa.pub username@example.com:/home/username/
On the remote server
Connect to the remote server with SSH
ssh username@example.com
Create a .ssh directory
mkdir ~/.ssh
Copy the public key to the file authorized_keys
cat id_dsa.pub >> ~/.ssh/authorized_keys
Remove file id_dsa.pub
rm id_dsa.pub
Setting the correct permissions on the key
chown -R username:username /home/username/.ssh chmod 700 /home/username/.ssh chmod 600 /home/username/.ssh/authorized_keys
Configuration SSH
sudo vi /etc/ssh/sshd_config
And check this lines:
- /etc/ssh/sshd_config
RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile %h/.ssh/authorized_keys PasswordAuthentication no
Restart the server
sudo /etc/init.d/ssh reload
Done
Test
Try to connect to the remote server with SSH:
ssh -i /path-to-private-key username@remote-host-ip-address
Or just this:
ssh username@remote-host-ip-address
ubuntu/ssh/creating_public_private_key_authentication_for_ssh.txt · Last modified: 2020/07/15 09:30 by 127.0.0.1