Setup SSH public key based authentication in CentOS, Redhat linux

Securing SSH of a server in a network is the primary task of every system admin. In the previous article I wrote about how to block root user login via ssh. This tutorials helps you to setup ssh public key based authentication.

ssh-keygen can create RSA keys for use by SSH protocol version 1 and DSA, ECDSA or RSA keys for use by SSH protocol version 2. The type of key to be generated is specified with the -t option. If invoked with‐out any arguments, ssh-keygen will generate an RSA key for use in SSH protocol 2 connections

root@linuxinternetworks:~# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): /root/.ssh/user1
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/user1.
Your public key has been saved in /root/.ssh/user1.pub.
The key fingerprint is:
c6:60:cb:ca:6c:8f:5d:8c:d2:fd:a7:25:4b:c7:4c:59 root@linuxinternetworks
The key’s randomart image is:
+–[ RSA 2048]—-+
| |
| |
| o E |
| o + o |
| o S o |
| o
o = + |
| * o + o = |
| . = . o =. |
| . o +o |
+—————–+

Now copy the public key file to remote machine using ssh-copy-id command

Public Key : /root/.ssh/user1.pub
Private Key : /root/.ssh/user1

root@linuxinternetworks:~# ssh-copy-id -i /root/.ssh/user1.pub user1@server2.linuxinternetworks.com
user1@server2.linuxinternetworks.com’s password:
Now try logging into the machine, with “ssh ‘user1@server2.linuxinternetworks.com'”, and check in:

~/.ssh/authorized_keys

to make sure we haven’t added extra keys that you weren’t expecting.

Use the private to login into the remote machine, this time it wont ask the password

root@linuxinternetworks.com:~# ssh -i /root/.ssh/user1 user1@server2.linuxinternetworks.com
Last login: Sun Jun 30 09:46:58 2013 from 115.241.5.76
[user1@server2 ~]$ exit

If you want, you can keep both password and key based authentication or else you can disable password authentication. Check here about How to disable password authentication.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...Loading...

Add a Comment

Your email address will not be published. Required fields are marked *