Home ยป SSH Key-Based Authentication

SSH Key-Based Authentication

written by Snaky 0 comment 114 views

Steps as follow:

  1. Install and enable OpenSSH Server
  2. Generate to keys (public and private key), use puttygen.exe in Windows or ssh-keygen in Linux.
  3. Copy id_rsa.pub (public key) to server, and save it into .ssh folder in ssh server if this is non-admin account
  4. If used puttygen.exe to generate the private key, please save it (id_rsa.ppk) into safe place in local PC.
  5. If used ssh-keygen in Linux, please use puttygen.exe to convert the private key in to *.ppk file extension.
  6. Rename or copy the id_rsa.pub (public key) with filename “authorized_keys”
  7. Set connection from ssh client, add id_rsa.ppk (private key) on created profile
  8. Test to use key file to access SSH server, and make sure can use su or sudo command in linux. For Windows, please make sure RDP port forwarding is working.
  9. Disable password-based authentication. On Linux, vim \etc\ssh\sshd-config, and then change “PasswordAuthentication no”. On Windows, the sshd-config is locate %programdata%\ssh\ssh_config, and do the same to change “PasswordAuthentication no”.
  10. Option – for restricted root login, edit the same sshd-config file, to change PermitRootLogin from yes to no.
  11. Once all update made, restart the sshd service. For Linux, run systemctl restart sshd . For Windows machine, go to Control Panel > Administrative Tools > Services, then locate and select OpenSSH in the list of services, and click Restart.

Done.

Leave a Comment

Save my name, email, and website in this browser for the next time I comment.