How to Set Up SSH Key Authentication On Linux

Views:
 
     
 

Presentation Description

That’s the basis for SSH Key Authentication. How it works in real life is that you create a key pair (which contains a private and public key), and copy the public key to the server you want to log into. If you attempt to login with key authentication, and the server doesn’t have the public key that matches your private key, it won’t allow you access.

Comments

Presentation Transcript

slide 1:

How to Set Up SSH Key Authentication On Linux

slide 2:

What is Key Authentication Understanding Key Authentication is actually quite simple. Imagine you have a lock and the only way to open that lock is with a specific key that the lock knows belongs to you. How does the lock know the key belongs to you Because the key contains a signature that is unique to you. Within the lock there is a matching signature the key uses for comparison. Should the signatures match they lock will open. Should the key fit but the signatures not match the lock won’t open. That’s the basis for SSH Key Authentication. How it works in real life is that you create a key pair which contains a private and public key and copy the public key to the server you want to log into. If you attempt to login with key authentication and the server doesn’t have the public key that matches your private key it won’t allow you access.

slide 3:

Generating an SSH Key Pair The first thing to do is generate an SSH Key Pair. To do this follow these steps: 1. Open a terminal window on your desktop.

slide 4:

Issue the command: ssh-keygen Give the key a name and location go with the default by using Enter/Return on your keyboard.

slide 5:

2. Enter and verify a passphrase for the key make sure this passphrase is strong and unique You now have an SSH key pair. These two files will be found in /.ssh and will be named: id_rsa - The private key. id_rsa.pub - The public key. Get more information visit here : office setup

slide 6:

Copy Your Public Key to the Remote Machine Next you must copy the public key file to the remote machine you want to log into. This can be done with the command: ssh-copy-id USERREMOTE_IP Where USER is a username on the remote machine and REMOTE_IP is the IP address of the remote machine.

slide 7:

Testing The Connection Test the connection by issuing the command: ssh USERREMOTE_IP Where USER is a username on the remote machine and REMOTE_IP is the IP address of the remote machine. Instead of being prompted for the user password you’ll be prompted for the SSH key pair passphrase. Once you’ve typed the correct key passphrase you’ll be allowed access to the remote machine. Congratulations SSH Key Authentication is up and running.

slide 8:

Disabling Password Authentication You can take this one step further by disabling password authentication. With this configuration in place the only way to gain access to the remote machine is from a machine containing the private key from the matching pair. In other words no key pair no access. To disable password authentication log into the remote machine and issue the command: sudo nano /etc/ssh/sshd_config In this file look for the line: PasswordAuthentication yes

slide 9:

Change that line to: PasswordAuthentication no Save and close the file. Restart SSH with the command: sudo systemctl restart sshd Now if you attempt to log into that remote machine from any desktop or server that doesn’t include the private key access will be denied.

slide 10:

THANKS FOR WATCHING Get more information visit here : office setup

authorStream Live Help