Scribd Logo
Hochladen

Willkommen bei Scribd!

  • How To Configure SSH Key-Based Authentication On A Linux Server - DigitalOcean

    Hochgeladen von

    geko1
    71 Ansichten19 Seiten
    How to Configure SSH Key-Based Authentication on a Linux Server - DigitalOcean

    Originaltitel

    How to Configure SSH Key-Based Authentication on a Linux Server - DigitalOcean

    Copyright

    © © All Rights Reserved

    Verfügbare Formate

    PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden
    How to Configure SSH Key-Based Authentication on a Linux Server - DigitalOcean

    Copyright:

    © All Rights Reserved
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    71 Ansichten19 Seiten

    How To Configure SSH Key-Based Authentication On A Linux Server - DigitalOcean

    Hochgeladen von

    geko1
    How to Configure SSH Key-Based Authentication on a Linux Server - DigitalOcean

    Copyright:

    © All Rights Reserved
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 19

    How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

    fail2ban

    1 of 19 3/5/2018, 5:21 PM
    How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

    ~/.ssh/authorized_keys

    ssh-keygen

    ssh-keygen

    Generating public/private rsa key pair.


    Enter file in which to save the key (/home/username/.ssh/id_rsa):

    ~/.ssh
    id_rsa id_rsa.pub

    2 of 19 3/5/2018, 5:21 PM
    How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

    /home/username/.ssh/id_rsa already exists.


    Overwrite (y/n)?

    Created directory '/home/username/.ssh'.


    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:

    3 of 19 3/5/2018, 5:21 PM
    How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

    Your identification has been saved in /home/username/.ssh/id_rsa.


    Your public key has been saved in /home/username/.ssh/id_rsa.pub.
    The key fingerprint is:
    a9:49:2e:2a:5e:33:3e:a9:de:4e:77:11:58:b6:90:26 username@remote_host
    The key's randomart image is:
    +--[ RSA 2048]----+
    | ..o |
    | E o= . |
    | o. o |
    | .. |
    | ..S |
    | o o. |
    | =o.+. |
    |. =++.. |
    |o=++. |
    +-----------------+

    4 of 19 3/5/2018, 5:21 PM
    How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

    cat ~/.ssh/id_rsa.pub

    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNqqi1mHLnryb1FdbePrSZQdmXRZxGZbo0gTfglysq6KMNUNY2

    5 of 19 3/5/2018, 5:21 PM
    How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

    ~/.ssh
    /authorized_keys

    ssh-copy-id

    ssh-copy-id

    ssh-copy-id username@remote_host

    The authenticity of host '111.111.11.111 (111.111.11.111)' can't be established.


    ECDSA key fingerprint is fd:fd:d4:f9:77:fe:73:84:e1:55:00:ad:d6:6d:22:fe.
    Are you sure you want to continue connecting (yes/no)? yes

    6 of 19 3/5/2018, 5:21 PM
    How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

    id_rsa.pub

    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now i
    username@111.111.11.111's password:

    ~/.ssh/id_rsa.pub ~/.ssh
    authorized_keys

    Number of key(s) added: 1

    Now try logging into the machine, with: "ssh 'username@111.111.11.111'"


    and check to make sure that only the key(s) you wanted were added.

    id_rsa.pub

    ssh-copy-id

    ~/.ssh

    authorized_keys

    >>

    7 of 19 3/5/2018, 5:21 PM
    How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

    cat ~/.ssh/id_rsa.pub | ssh username@remote_host "mkdir -p ~/.ssh && cat >> ~/.ssh/autho

    The authenticity of host '111.111.11.111 (111.111.11.111)' can't be established.


    ECDSA key fingerprint is fd:fd:d4:f9:77:fe:73:84:e1:55:00:ad:d6:6d:22:fe.
    Are you sure you want to continue connecting (yes/no)? yes

    username@111.111.11.111's password:

    id_rsa.pub
    authorized_keys

    id_rsa.pub ~/.ssh/authorized_keys

    id_rsa.pub

    cat ~/.ssh/id_rsa.pub

    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCqql6MzstZYh1TmWWv11q5O3pISj2ZFl9HgH1JLknLLx44+tXf

    8 of 19 3/5/2018, 5:21 PM
    How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

    ~/.ssh

    mkdir -p ~/.ssh

    authorized_keys
    id_rsa.pub authorized_keys

    echo public_key_string >> ~/.ssh/authorized_keys

    public_key_string cat ~/.ssh


    /id_rsa.pub ssh-rsa AAAA...

    ssh username@remote_host

    The authenticity of host '111.111.11.111 (111.111.11.111)' can't be established.


    ECDSA key fingerprint is fd:fd:d4:f9:77:fe:73:84:e1:55:00:ad:d6:6d:22:fe.
    Are you sure you want to continue connecting (yes/no)? yes

    9 of 19 3/5/2018, 5:21 PM
    How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

    sudo

    sudo

    sudo nano /etc/ssh/sshd_config

    PasswordAuthentication

    PasswordAuthentication no

    sudo service ssh restart

    sshd

    sudo service sshd restart

    10 of 19 3/5/2018, 5:21 PM
    How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

    11 of 19 3/5/2018, 5:21 PM
    How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

    ssh -i

    Host REMOTE_HOST_IP # should be xxx.xxx.xxx.xx


    IdentityFile LOCATION_OF_YOUR_PRIVATE_KEY # for example ~/.ssh/myprivatekey (notic

    12 of 19 3/5/2018, 5:21 PM
    How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

    13 of 19 3/5/2018, 5:21 PM
    How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

    14 of 19 3/5/2018, 5:21 PM
    How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

    ssh-keygen id_rsa

    ssh-copy-id

    15 of 19 3/5/2018, 5:21 PM
    How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

    16 of 19 3/5/2018, 5:21 PM
    How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

    17 of 19 3/5/2018, 5:21 PM
    How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

    testClient testServer

    testClient

    ssh-keygen
    ~/.ssh/authorized_keys
    ssh-copy-id

    testServer ~/.ssh
    /authorized_keys ssh-copy-id testServer@Server-
    B_IP_address testServer

    ssh-copy-id
    ssh ssh testServer@Server-B_IP_address

    18 of 19 3/5/2018, 5:21 PM
    How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

    19 of 19 3/5/2018, 5:21 PM

    Das könnte Ihnen auch gefallen