Wednesday, October 14, 2015

SSH server to login with Key based Authentication centos 6

In this tutorial we are going to configure SSH server to login with Key based Authentication. We need to create a private key for client and a public key for server to do it.
    Create key pair for each user, so login with a common user and work it like follows.
# create key pair

[clado@easylinux ~]$ ssh-keygen -t rsa

Generating public/private rsa key pair.
Enter file in which to save the key (/home/clado/.ssh/id_rsa):   # Enter

Created directory '/home/clado/.ssh'.
Enter passphrase (empty for no passphrase):   # set passphrase (set no passphrase to Enter with empty)

Enter same passphrase again:

Your identification has been saved in /home/clado/.ssh/id_rsa.
Your public key has been saved in /home/clado/.ssh/id_rsa.pub.
The key fingerprint is:
38:f1:b4:6d:d3:0e:59:c8:fa:1d:1d:48:86:f0:fe:74 clado@easylinux.com
The key's randomart image is:

[clado@easylinux ~]$ mv ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys

[clado@easylinux ~]$ chmod 600 ~/.ssh/authorized_keys

[2]     Transfer the secret key created on the Server to a Client, then it's possbile to login with keys authentication.
[clado@www ~]$ mkdir ~/.ssh

[clado@www ~]$ chmod 700 ~/.ssh
# copy the secret key to local ssh directory

[clado@www ~]$ scp clado@10.0.0.30:/home/clado/.ssh/id_rsa ~/.ssh/

clado@10.0.0.30's password:
id_rsa
[clado@www ~]$ ssh -i ~/.ssh/id_rsa clado@10.0.0.30

Enter passphrase for key '/home/clado/.ssh/id_rsa':   # passphrase

Last login: Wed Jul 30 21:37:19 2014 from www.server.world
[clado@easylinux ~]$   # just logined

[3]     If you set "PasswordAuthentication" no, it's more secure.
[root@easylinux ~]# vi /etc/ssh/sshd_config
# line 66: turn to "no"

PasswordAuthentication no
[root@easylinux ~]# /etc/rc.d/init.d/sshd restart

No comments:

Post a Comment