Using SSH keys provide a more secure way of logging into a remote computer when compared to password authentication, and today I will walk you through how we can achieve this in 3 simple steps
For this demo I will be configuring SSH key authentication for the user account accountsguru to connect to the remote system mylinuxlab.net, accessing remotely from my local computer sraavi.
- user account: accountsguru
- local computer: sraavi
- remote system: mylinuxlab.net
Prerequisite: User accountsguru must be having an account already existing in the remote system mylinuxlab.net and authorized to access remotely.
Step1: Generate SSH public-private key pair
Logon to the local computer with the user account for which we want to create the SSH key pair, and run the following command
ssh-keygen
Below is the output generated. If you watch closely, in line 3 we are prompted to chose a directory and I accepted the default here, and in the next line we are prompted to enter a passphrase, which is to protect your private key. Passphrase adds an additional security layer because if in case a hacker got access to your private key he/she won’t be able to make any use as the private key is passphrase protected. Since we are doing a demo here I skipped the passphrase
[accountsguru@sraavi ~]$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/accountsguru/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/accountsguru/.ssh/id_rsa. Your public key has been saved in /home/accountsguru/.ssh/id_rsa.pub. The key fingerprint is: 7b:54:3e:f8:33:31:8e:70:81:f1:a3:4d:e2:52:c3:0b accountsguru@sraavi The key's randomart image is: +--[ RSA 2048]----+ | . | | . + | | E * = . | | + B * | | . S = = | | . = + + | | . o = | | . o | | | +-----------------+
From the output above, line 6 is our private key, and line 7 is the public key.
Step2: Copy the public key to the remote system
Now, copy the public key from your local computer to the remote system using the below command
ssh-copy-id accountsguru@mylinuxlab.net
Note that it will prompt to enter the password to access the remote computer, and here is how the result looks like
[accountsguru@sraavi ~]$ ssh-copy-id accountsguru@mylinuxlab.net /bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys accountsguru@mylinuxlab.net's password: Number of key(s) added: 1
From the above two steps we’ve successfully generated key pair and configured the user account accountsguru to access remotely using SSH
Step3: Connect to the remote system using SSH
Now let’s try logging into the remote server using SSH with the following command
ssh accountsguru@mulinuxlab.net
And, here is how it looks after making a successful connection..
[accountsguru@sraavi ~]$ ssh accountsguru@mylinuxlab.net Last login: Fri Dec 9 19:28:33 2016 from 172.110.22.205 [accountsguru@mylinuxlab ~]$
To exit the remove server you can press tilda followed by dot (~.) and usually we won’t see the characters when we type them, but the session will terminate immediately
[accountsguru@mylinuxlab ~]$ Connection to mylinuxlab.net closed.
Hope this helps! If you have any feedback or a question, please leave it in the comment section below.
Hareesh G
Jayapal Vajrala
Suresh Raavi
DataGinger.com 