Secure Shell (SSH) is widely used to access a shell on a remote Unix-like operating system. It uses public-private key pairs to authenticate to the remote machine and allow access.
1. ~/.ssh is where you keep the keys
In a Unix-like environment, the keys are usually kept in the .ssh directory in your home directory (~).
ls -la ~/.ssh
You may or may not have a key pair already:
id_rsa : private key file
id_rsa.pub : public key file
The id_rsa private key file should be kept only by yourself. When you need to give out the key on request, provide the id_rsa.pub public key file.
2. Create new key pairs: mykey, mykey.pub
We will now create the keys using the 4096-bit RSA key type, with our email address as the comment in the key.
- bash command:
$ ssh-keygen -t rsa -C "myemail@mydomain.com" -b 4096 -f ~/.ssh/mykey
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): [Prefer a passphrase]
Enter same passphrase again:
The new keys are now in the .ssh folder.
Your identification has been saved in /home/user/.ssh/mykey.
Your public key has been saved in /home/user/.ssh/mykey.pub.
3. Add private key to local session
Change the file permissions to 700.
$ chmod 700 ~/.ssh/mykey*
Start the authentication agent and add the private key.
$ eval `ssh-agent -s`
$ ssh-add ~/.ssh/mykey
The above method lasts only until you log out of the session.
4. Load the private key on login in local machine.
Use >> to append. Be careful not to lose existing key(s) in the file.
$ echo "IdentityFile ~/.ssh/mykey" >> ~/.ssh/config
Effective upon next login.
5. Add public key in remote machine
First copy mykey.pub to the remote machine.
Append the public key to the file authorized_keys.
Use >> to append. Be careful not to lose existing key(s) in the file.
$ cat ~/.ssh/mykey.pub >> ~/.ssh/authorized_keys
Test your connection from the local machine with the private key.
$ ssh -T yourremoteid@remoteaddress
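A more careful version of the append step above, as an added example that is not part of the original post: it refuses a private key file, skips a key that is already listed, and sets the modes sshd expects. The function name install_pubkey and its optional directory argument are hypothetical.

```sh
#!/bin/sh
# install_pubkey PUBKEY_FILE [SSH_DIR]   (hypothetical helper, added example)
# Append a public key to authorized_keys without clobbering or duplicating entries.
install_pubkey() {
    pub=$1
    dir=${2:-"$HOME/.ssh"}
    auth="$dir/authorized_keys"

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }

    # Catch the classic mistake of uploading mykey instead of mykey.pub.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "$pub looks like a private key; refusing" >&2
        return 2
    fi

    # A public key line is "type base64-blob [comment]"; compare on type+blob only.
    key=$(awk 'NF >= 2 { print $1 " " $2; exit }' "$pub")
    [ -n "$key" ] || { echo "no key found in $pub" >&2; return 1; }

    # sshd with StrictModes ignores authorized_keys that others can write to.
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    if grep -qF -- "$key" "$auth"; then
        echo "key already present in $auth"
        return 0
    fi

    # If the file does not end in a newline, add one so two keys never share a line.
    if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then
        echo >> "$auth"
    fi
    cat "$pub" >> "$auth"      # >> appends; > would wipe the existing keys
    echo "key added to $auth"
}
```

On the remote machine, run it as install_pubkey ~/.ssh/mykey.pub after copying the file over.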
7. Generate public key from private key
You can always generate the same public key from the private key. This is why you should never give out your private key.
$ ssh-keygen -y -f ~/.ssh/mykey > ~/.ssh/mykey.pub
Happy sshing!
Copyright © Zev23.com 2014 All Rights Reserved. No part of this website may be reproduced without Zev23.com’s express consent.