Wednesday, October 14, 2015

SSH server to login with Key based Authentication centos 6

In this tutorial we are going to configure SSH server to login with Key based Authentication. We need to create a private key for client and a public key for server to do it.
    Create key pair for each user, so login with a common user and work it like follows.
# create key pair

[clado@easylinux ~]$ ssh-keygen -t rsa

Generating public/private rsa key pair.
Enter file in which to save the key (/home/clado/.ssh/id_rsa):   # Enter

Created directory '/home/clado/.ssh'.
Enter passphrase (empty for no passphrase):   # set passphrase (set no passphrase to Enter with empty)

Enter same passphrase again:

Your identification has been saved in /home/clado/.ssh/id_rsa.
Your public key has been saved in /home/clado/.ssh/
The key fingerprint is:
The key's randomart image is:

[clado@easylinux ~]$ mv ~/.ssh/ ~/.ssh/authorized_keys

[clado@easylinux ~]$ chmod 600 ~/.ssh/authorized_keys

[2]     Transfer the secret key created on the Server to a Client, then it's possbile to login with keys authentication.
[clado@www ~]$ mkdir ~/.ssh

[clado@www ~]$ chmod 700 ~/.ssh
# copy the secret key to local ssh directory

[clado@www ~]$ scp clado@ ~/.ssh/

clado@'s password:
[clado@www ~]$ ssh -i ~/.ssh/id_rsa clado@

Enter passphrase for key '/home/clado/.ssh/id_rsa':   # passphrase

Last login: Wed Jul 30 21:37:19 2014 from
[clado@easylinux ~]$   # just logined

[3]     If you set "PasswordAuthentication" no, it's more secure.
[root@easylinux ~]# vi /etc/ssh/sshd_config
# line 66: turn to "no"

PasswordAuthentication no
[root@easylinux ~]# /etc/rc.d/init.d/sshd restart

No comments:

Post a Comment