home » it » operating system » linux » linux security

How to do SSH key authentication

Published: 23-Jan-2011 (21:30); Viewed: 1547; Difficulty: 1 out of 10

Rating: N/A



RSA key-based authentication is one of the simplest and most secure way to login from Unix computer to remote Unix based computer. You need to enter secret pass-phrase only once, and then you can login (ssh), copy (scp) or synchronize files (rsync) without entering password or secret pass-phrase.

step-by-step instructions

  1. Create set of RSA keys which will be used for authentication We recommend to use very strong security level:

    ssh-keygen -t rsa -b 4096


  2. Answer by default to all questions, but please enter very long and secure pass-phrase, which you should remember very well.
    Generating public/private rsa key pair will be as follow:

    Enter file in which to save the key (/home/yourname/.ssh/id_rsa):
    Enter pass-phrase (empty for no pass-phrase): <-here should be very long phrase
    Enter same pass-phrase again:
    Your identification has been saved in /home/yourname/.ssh/id_rsa.
    Your public key has been saved in /home/yourname/.ssh/id_rsa.pub.



  3. Transfer your keys to hosts, which you will need to use in future.

    ssh-copy-id <username>@<host>

    Where <username> - user name on remote Unix system, <host> - address of the remote Unix system.



tips and tricks

  • Select very strong pass-phrase.
  • If you lost your pass-phrase, you can create new one and reset all authentication keys.
Rate:
1 2 3 4 5 6 7 8 9 10
by: John Farnon
Delicious submit to reddit Add to Technorati Favorites
tags: internet security; linux; ssh

also read

  • How to make strong passwordHow to make strong password
    For access to different websites you should have your own username and password. For security reasons, this password should be unique for each ...

  • How to make strong pass-phrase
    For secure protection of some very important information it is necessary to use extremely secure pass-phrases. Pass-phrases are usually much longer ...

  • How to change pass-phrase for SSH key authentication
    RSA key based authentication is one of the most secure and convenient way for authorization between Unix computers. One of the classical mistakes, ...


navigation:officials:topics:
  • copyright
  • privacy
  • contacts