How to SSH to Remote Host using the Priviate/Public Keys Authentication?
codeonsteem
4 minutes read (About 566 words)

How to SSH to Remote Host using the Priviate/Public Keys Authentication?

Password Authentication is not secure. Your password may be too simple to crack or acidentally may be recorded or leaked. Therefore, it is a good practice to configure the authentication without using Password.

SSH using Public/Private Key Pair


The Simple Idea to replace Password Authentication is to Use a Private/Public Keys (Asymmetrical Cryptography Algorithm e.g. RSA). Let’s say you are on Host A and want to login to Host B. All you need to do is the following steps:

Generate a Public/Private Key Pair on Host A


You can run ssh-keygen -t rsa to generate a key pair. Just press Enter when questions are prompted. 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa): 
Created directory '/home/user/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
XXXXXXXXXXXXXXXXXXXXXX user@HostA
The key's randomart image is:
+---[RSA 2048]----+

|         =B+o++. |
|        XXXXXXXX.|
|       . .o+XXXX*|
|        ..o @ o o|
|       XXXXX . . |
|      .o=.B .    |
|       o.*       |
|      XXXX       |
|       o         |
+----[SHA256]-----+

As you can see, in the /home/user directory, there will be two files: private key id_rsa which you should not give it to anybody else. And id_rsa.pub which you will need to give it to your destination Host.

Configure Authorized Keys on Destination Host


Then, on the Host server B, in the directory /home/user/.ssh/, we need to create a file if it is not there i.e. authorized_keys and you need to copy the content of the public key file namely id_rsa.pub and append to the end of the file. Each line will be one authorized key.

That is it. When this is all set, from Host A, you can directly SSH or scp to the Host B.

Avoid Permissions Pitfall


However, if it is not working, most of the time it is due to incorrect file permissions. You need to run the following on Host B.

1
2
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

Also, the home directory need to be set correctly:

1
chmod g-w,o-w ~

Debugging SSH Login Problems


You can use ssh -v to see the verbose information which might help you identify the problem.

1
2
3
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:XXXXXXXXXXXXXXX /home/user/.ssh/id_rsa
debug1: Server accepts key: pkalg rsa-sha2-512 blen 279

Every little helps! I hope this helps!

Steem On!~

Reposted to The Blog of Computing

If you like my work, please consider voting for me, thanks!
https://steemit.com/~witnesses type in justyy and click VOTE



Alternatively, you could proxy to me if you are too lazy to vote!

Also: you can vote me at the tool I made: https://steemyy.com/witness-voting/?witness=justyy

Visit me at: https://steemyy.com

This page is synchronized from the post: ‘How to SSH to Remote Host using the Priviate/Public Keys Authentication?’

# authentication, codeonsteem, login, password, security, ssh, tutorial, whalepower
How do you Unit Test a Simple Getter and Setter Interface in Java?
Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now

×