Introduction: SSH Key Authentication is a way to log in any Linux server without any password. This authentication process uses public and private key instead of password. When a client attempts to authenticate using SSH keys, the server will test the client on whether they have the private key. If the client can prove that it owns the private key, a shell session is spawned or the requested command is executed.
Steps to Create SSH Key Authentication:
Step 1 —
First of all, Create a private key for the client and public key for the server from a client machine. The key pair is created by the user itself. Therefore, log in to the client side as the user who creates the key pair. Then follow the commands:
Generating public/private rsa key pair.
Enter file in which to save the key (/home/technhit/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/technhit/.ssh/id_rsa.
Your public key has been saved in /home/technhit/.ssh/id_rsa.pub.
The key fingerprint is:
The key's randomart image is:
|=o .o.+o |
|.. . o . |
| o o o + o |
|o.= + S o + |
|..oE = + o o |
| o o B = . . |
| + . o * o . |
| . .. . . ... |
As you see above we do not set the path, let it be the default (/root/.ssh/id_rsa ). and we do not set any passphrase. That means using that key files anyone can log in (eg. root on the target machine) and have the same level of access of the user and no password will be asked when the client tries to connect to the servers. Protecting the keys with password means that every time the user tries to connect to a server using those keys, the password for decrypting it will be asked.
After creating keys on the client, you have to install public key (id_rsa.pub) to the server side with name authorized_keys. If you don’t have ~/.ssh directory on the server side then you have to create the same. Now log in to the server computer.
technhit@technhit-server:$ chmod 700 ~/.ssh
Step 3 ––
Now log in to your client computer and simply adds the contents of client’s
~/.ssh/id_rsa.pub to the server’s
id_rsa.pub 100% 397 0.4KB/s 00:00
Now log in to your server from client system with key authentication just simply type:
Welcome to Ubuntu 16.04 LTS (GNU/Linux 4.4.0-62-generic x86_64)
* Documentation: https://help.ubuntu.com/
321 packages can be updated.
4 updates are security updates.
Last login: Sat Feb 18 17:25:25 2017 from 188.8.131.52
We logged in successfully.
Watch On Youtube: