SSH(Secure Shell) is a secure connection between a client and a server. With SSH command through creating tunnels, remote machines, forward ports, and more
SSH keys supports two authentication mechanisms ones are password and second one public-key based authentication.
SSH key-based authentication through connect remote Linux servers without entering a password.
Creating SSH keys on Ubuntu
Step :-1 The create key pair on the client machine :
sudo chmod -R 777 /home/user/.ssh
ssh-keygen -t rsa -b 4096 -C "xyz@domain.com"
Output
Enter file in which to save the key (/home/yourusername/.ssh/id_rsa):
After Press Enter to accept and continue
If you choose to overwrite the key on disk you can enter to Yes.
You should then see the following prompt:
Output
Enter passphrase (empty for no passphrase):
After enter a secure passphrase and generate key figerprint and Image key.
Output
Your identification has been saved in /home/sohan/.ssh/id_rsa
Your public key has been saved in /home/sohan/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:X2rVWP99/9zcPNDNUwzNO4Iws/G6SVUYAKZ5Zae6RRU xyz@domain.com
The key's randomart image is:
+---[RSA 4096]----+
| o.+.E+ o |
| + o=+. .. o|
| o . oB o .o.|
| . o. + = +o|
| .S.o + +.=|
| o+ + . o=|
| .. * . =|
| + ==|
| @|
+----[SHA256]-----+
Which directory ssh id save ls command through to check.
ls ~/.ssh/id_*
Output
/home/sohan/.ssh/id_rsa /home/sohan/.ssh/id_rsa.pub
Now public and private key that you can use to authenticate to use SSH-key-based authentication to log in.
Step 2 :— Copying the Public Key to Your Ubuntu Server
The fastest way to copy your public key to the server is to use a utility called ssh-copy-id.
ssh-copy-id username_remote@remote_host
Once the user is authenticated, the public key ~/.ssh/id_rsa.pub will be create.
You may see the following message:
you can use the following command to copy the public key in server:
cat ~/.ssh/id_rsa.pub | ssh remote_username@server_ip_address "mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"
Login to your server using SSH keys
After completing upper steps log in to the remote server without login password.
ssh remote_username@server_ip_address
If you haven’t set a passphrase for the private key, you will be logged in immediately to connect server.
Disabling SSH Password Authentication
Disabling SSH password authentication you can login server ip
ssh sudo_user@server_ip_address
Open the SSH configuration file /etc/ssh/sshd_config with your text editor :
sudo nano /etc/ssh/sshd_config
Once you are done, save and restart the SSH service :
sudo systemctl restart ssh
All above changes to password-based authentication is disabled.
Conclusion
SSH key based authentication configured in your server to sign in without providing an account password.
0 Comments