linux:ssh
This is an old revision of the document!
SSH
PUBLIC KEY AUTHENTICATION
SSH keeys come in pairs:
- .ssh/id_rsa - private key
- .ssh/id_rsa.pub - public key
Public key should be copied to servers into ~/.ssh/authorized_keys (it let's the server authenticate the user).
During the client authentication, the client will use its private key, and it will be verified by the public key stored in ~/.ssh/authorized_keys.
Private key is password protected when encrypted. A passphrase is only used to unlock the private key locally and is not transmitted in any form to the remote host.
GENERATING KEYS
This will generate private/public keys in the default directory:
$ ssh-keygen -b 4096 # default size is 2048
Files are here:
clienthost:~ user$ ls -l .ssh/ | grep id -rw------- 1 user user 1831 Aug 10 20:50 id_rsa -rw-r--r-- 1 user user 407 Aug 10 20:50 id_rsa.pub
After public key is copied to remote serve:
$ chmod 700 .ssh/ $ chmod 600 ~/.ssh/authorized_keys # paste your public key into this file
There is also a simpler way to copy a public key:
$ ssh-copy-id pi@192.168.2.73
SSHD
/etc/ssh/sshd_config:
PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys
MANAGING PASSPHRASE
$ ssh-agent $ ssh-add
linux/ssh.1779115545.txt.gz · Last modified: by v1ctor
