Setup SSH public key based authentication in CentOS, Redhat linux

Securing SSH of a server in a network is the primary task of every system admin. In the previous article I wrote about how to block root user login via ssh. This tutorials helps you to setup ssh public key based authentication.

ssh-keygen can create RSA keys for use by SSH protocol version 1 and DSA, ECDSA or RSA keys for use by SSH protocol version 2. The type of key to be generated is specified with the -t option. If invoked with‐out any arguments, ssh-keygen will generate an RSA key for use in SSH protocol 2 connections

root@linuxinternetworks:~# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): /root/.ssh/user1
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/user1.
Your public key has been saved in /root/.ssh/
The key fingerprint is:
c6:60:cb:ca:6c:8f:5d:8c:d2:fd:a7:25:4b:c7:4c:59 root@linuxinternetworks
The key’s randomart image is:
+–[ RSA 2048]—-+
| |
| |
| o E |
| o + o |
| o S o |
| o
o = + |
| * o + o = |
| . = . o =. |
| . o +o |

Now copy the public key file to remote machine using ssh-copy-id command

Public Key : /root/.ssh/
Private Key : /root/.ssh/user1

root@linuxinternetworks:~# ssh-copy-id -i /root/.ssh/’s password:
Now try logging into the machine, with “ssh ‘'”, and check in:


to make sure we haven’t added extra keys that you weren’t expecting.

Use the private to login into the remote machine, this time it wont ask the password ssh -i /root/.ssh/user1
Last login: Sun Jun 30 09:46:58 2013 from
[user1@server2 ~]$ exit

If you want, you can keep both password and key based authentication or else you can disable password authentication. Check here about How to disable password authentication.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

Add a Comment

Your email address will not be published. Required fields are marked *