SSH Key Based Authentication

From 5dollarwhitebox.org Media Wiki

Please note that 'localbox' is the host you are SSHing from, and 'remotebox' is the host you are SSHing to. In practice you may need to use an FQDN such as 'localbox.domain.com' or 'remotebox.domain.com'.


Create the Public/Private Key Pair

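Create the key pair on the system that you are SSHing *from*, then copy the public key into the authorized_keys file of the account on the system you are SSHing *to*: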

[user@localbox ~/]$ ssh-keygen -t rsa

[user@localbox ~/]$ ssh user@remotebox "mkdir ~/.ssh"

[user@localbox ~/]$ ssh user@remotebox "chmod 700 ~/.ssh"

[user@localbox ~/]$ scp ~/.ssh/id_rsa.pub user@remotebox:~/localbox.pub

[user@localbox ~/]$ ssh user@remotebox "cat ~/localbox.pub >> ~/.ssh/authorized_keys"

[user@localbox ~/]$ ssh user@remotebox "chmod 600 ~/.ssh/authorized_keys"


You should now be able to connect without a password:

[user@localbox ~/]$ ssh user@remotebox

[user@remotebox ~/]$
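
A check for the permissions this procedure sets, as an added example that is not part of the original page: it flags any group or other permission bits on the .ssh directory, authorized_keys and id_rsa, which the chmod 700 and chmod 600 steps above clear. The function names and the throwaway demo directory are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the original page): audit the modes set above.

# mode_of PATH: print octal permission bits (GNU stat first, then BSD stat).
mode_of() {
    if stat -c '%a' "$1" 2>/dev/null; then return 0; fi
    stat -f '%Lp' "$1" 2>/dev/null
}

# audit_ssh_dir DIR: print one line per finding; exit status = finding count.
# A finding is any group/other permission bit on DIR, authorized_keys or id_rsa.
audit_ssh_dir() {
    dir=$1
    findings=0
    if [ ! -d "$dir" ]; then
        echo "MISSING $dir"
        return 1
    fi
    for path in "$dir" "$dir/authorized_keys" "$dir/id_rsa"; do
        [ -e "$path" ] || continue
        mode=$(mode_of "$path")
        # 077 masks the group and other bits; 700 and 600 leave them clear.
        if [ $(( 0$mode & 077 )) -ne 0 ]; then
            echo "TOO_OPEN $mode $path"
            findings=$((findings + 1))
        fi
    done
    return "$findings"
}

# Constructed demo: a throwaway directory with a correct 700 directory
# and an authorized_keys file left at 644.
demo=$(mktemp -d)
mkdir "$demo/.ssh" && chmod 700 "$demo/.ssh"
: > "$demo/.ssh/authorized_keys" && chmod 644 "$demo/.ssh/authorized_keys"
audit_ssh_dir "$demo/.ssh"
rm -rf "$demo"
```

Run `audit_ssh_dir ~/.ssh` on remotebox after the copy steps, and on localbox to confirm the private key is not readable by other accounts.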


SSH Client Configuration File

A client configuration file is often useful, especially when you connect to a host that runs SSH on a non-standard port. A sample config file might look like this:

[user@localbox ~/]$ cat ~/.ssh/config

Host remotebox
        Port 2222
        User user
        IdentityFile ~/.ssh/id_rsa