Configure SSH Key Authentication

Introduction: SSH key authentication is a way to log in to a Linux server without a password. It uses a public/private key pair instead of a password. When a client attempts to authenticate with SSH keys, the server challenges the client to prove that it holds the private key. If the client can prove this, a shell session is spawned or the requested command is executed.


Steps to Create SSH Key Authentication:

Step 1 —

First, create the key pair on the client machine: the private key stays on the client and the public key will be installed on the server. The key pair is created by the user themselves, so log in to the client as the user who will own the key pair, then run:

technhit@technhit-client:$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/technhit/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/technhit/.ssh/id_rsa.
Your public key has been saved in /home/technhit/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:2BE0mYwJIBg4QLJf9eeHK7TtFfyroNEC86YCnkPIdM4 technhit@ubuntu
The key's randomart image is:
+---[RSA 2048]----+
|Xo.....=+o |
|=o .o.+o |
|.. . o . |
| o o o + o |
|o.= + S o + |
|..oE = + o o |
| o o B = . . |
| + . o * o . |
| . .. . . ... |
+----[SHA256]-----+


As you can see above, we did not set a path and kept the default (/home/technhit/.ssh/id_rsa in the session above; /root/.ssh/id_rsa when run as root), and we did not set a passphrase. That means anyone who obtains the key file can log in (e.g. as root on the target machine) with the same level of access as the user, and no password will be asked when the client connects to the servers. Protecting the key with a passphrase means that every time the user connects to a server using that key, the passphrase for decrypting it will be asked.

Step 2– 

After creating the keys on the client, install the public key (id_rsa.pub) on the server under the name authorized_keys. If the ~/.ssh directory does not exist on the server, create it first. Log in to the server:

technhit@technhit-server:$ mkdir ~/.ssh

technhit@technhit-server:$ chmod 700 ~/.ssh

Step 3 –

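Now log in to your client computer and copy the contents of the client's ~/.ssh/id_rsa.pub to the server's ~/.ssh/authorized_keys. Note that scp replaces any existing authorized_keys file on the server, so this form suits a server that has no keys installed yet.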

technhit@technhit-client:$ scp /home/technhit/.ssh/id_rsa.pub technhit@123.63.218.18:/home/technhit/.ssh/authorized_keys
technhit@123.63.218.18's password:
id_rsa.pub 100% 397 0.4KB/s 00:00
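
A permission-safe variant of Steps 2 and 3, as an added example that is not part of the original tutorial: it appends the public key to authorized_keys instead of overwriting it, skips keys that are already installed, and sets the directory and file modes sshd expects. The function names install_pubkey and demo_install are hypothetical, and the keys in the demo are constructed placeholders.

```shell
#!/bin/sh
# Added example, not from the original page.
# install_pubkey PUBKEY_FILE SSH_DIR   (run on the server; SSH_DIR is normally ~/.ssh)
install_pubkey() {
    pubkey_file=$1
    ssh_dir=$2
    auth_file="$ssh_dir/authorized_keys"
    key_line=

    # Take the first line only; an unreadable or empty file is an error.
    IFS= read -r key_line < "$pubkey_file" || [ -n "$key_line" ] || return 1

    # Accept only OpenSSH public-key lines, so a private key is never installed by mistake.
    case "$key_line" in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not an OpenSSH public key: $pubkey_file" >&2; return 2 ;;
    esac

    # With StrictModes (the sshd default) keys are ignored if .ssh or
    # authorized_keys is group- or world-writable, so set the modes explicitly.
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth_file" && chmod 600 "$auth_file" || return 1

    # Append rather than overwrite, and only when this exact line is absent.
    if ! grep -qxF -e "$key_line" "$auth_file"; then
        printf '%s\n' "$key_line" >> "$auth_file"
    fi
}

# Demo on constructed data in a throwaway directory; prints the final key count.
demo_install() {
    tmp=$(mktemp -d) || return 1
    # Constructed placeholder keys, not real key material.
    echo "ssh-rsa AAAAB3NzaC1yc2EXAMPLEexisting admin@laptop" > "$tmp/old.pub"
    echo "ssh-rsa AAAAB3NzaC1yc2EXAMPLEnewclient technhit@technhit-client" > "$tmp/id_rsa.pub"
    # The third call repeats the second and must not add a duplicate line.
    install_pubkey "$tmp/old.pub" "$tmp/.ssh" &&
    install_pubkey "$tmp/id_rsa.pub" "$tmp/.ssh" &&
    install_pubkey "$tmp/id_rsa.pub" "$tmp/.ssh" &&
    grep -c '' "$tmp/.ssh/authorized_keys"
    rc=$?
    rm -rf "$tmp"
    return $rc
}
```

To use it, copy id_rsa.pub to the server under a temporary name, then run install_pubkey with that file and ~/.ssh as arguments.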

Step 4–

Now log in to the server from the client system with key authentication. Simply type:

technhit@technhit-client:$ ssh technhit@123.63.218.18
Welcome to Ubuntu 16.04 LTS (GNU/Linux 4.4.0-62-generic x86_64)

* Documentation: https://help.ubuntu.com/

321 packages can be updated.
4 updates are security updates.

Last login: Sat Feb 18 17:25:25 2017 from 47.11.7.236

We logged in successfully.


Subroto Mondal

Chief Coordinator HR&CR
I like Programming and New Technologies. And work with Linux.
