Difference between revisions of "Ssh ssl key login"
| Line 5: | Line 5: | ||
[jamie@server ~]$ ssh-keygen -b 4096 | [jamie@server ~]$ ssh-keygen -b 4096 | ||
</pre> | </pre> | ||
| − | <br / | + | <br /> |
Save private key in VERY VERY SAFE PLACE! | Save private key in VERY VERY SAFE PLACE! | ||
Save public key in VERY VERY SAFE PLACE, as well as upload it to any server needing to log into using this key, by appending the /home/jamie/.ssh/authorized_keys file using cat. The public key uploaded to servers needing it to log into should be renamed to something that makes the key human identifiable, aka: server.dawgland.com.id_rsa.pub which will allow ssh login without using a password: | Save public key in VERY VERY SAFE PLACE, as well as upload it to any server needing to log into using this key, by appending the /home/jamie/.ssh/authorized_keys file using cat. The public key uploaded to servers needing it to log into should be renamed to something that makes the key human identifiable, aka: server.dawgland.com.id_rsa.pub which will allow ssh login without using a password: | ||
| Line 13: | Line 13: | ||
[jamie@server ~]$ cat server.dawgland.com.id_rsa.pub >> /home/jamie/.ssh/authorized_keys | [jamie@server ~]$ cat server.dawgland.com.id_rsa.pub >> /home/jamie/.ssh/authorized_keys | ||
[jamie@server ~]$ chmod 600 /home/jamie/.ssh/authorized_keys | [jamie@server ~]$ chmod 600 /home/jamie/.ssh/authorized_keys | ||
| − | </pre> | + | </pre><br /> |
The chmod 600 command is required on only some Linux distros, but not on others, I have discovered.<br /> | The chmod 600 command is required on only some Linux distros, but not on others, I have discovered.<br /> | ||
For instance, with most Redhat based distributions, the chmod 600 command IS required.<br /> | For instance, with most Redhat based distributions, the chmod 600 command IS required.<br /> | ||
Revision as of 20:32, 13 June 2015
SSH Password-Less Setup
Create private & public keys:
[jamie@server ~]$ ssh-keygen -b 4096
Save private key in VERY VERY SAFE PLACE!
Save public key in VERY VERY SAFE PLACE, as well as upload it to any server needing to log into using this key, by appending the /home/jamie/.ssh/authorized_keys file using cat. The public key uploaded to servers needing it to log into should be renamed to something that makes the key human identifiable, aka: server.dawgland.com.id_rsa.pub which will allow ssh login without using a password:
[jamie@server ~]$ scp server.dawgland.com.id_rsa.pub jamie@ermarc.net [jamie@server ~]$ ssh jamie@ermarc.net [jamie@server ~]$ cat server.dawgland.com.id_rsa.pub >> /home/jamie/.ssh/authorized_keys [jamie@server ~]$ chmod 600 /home/jamie/.ssh/authorized_keys
The chmod 600 command is required on only some Linux distros, but not on others, I have discovered.
For instance, with most Redhat based distributions, the chmod 600 command IS required.
But, I have found that with Debian based distros, it is not required!
To find out for sure, check the logs, specifically, /var/log/secure, with Redhat based systems, for messages like this:
Jun 13 13:20:59 localhost sshd[17548]: Authentication refused: bad ownership or modes for file /home/jamie/.ssh/authorized_keys
The server.dawgland.com.id_rsa.pub key can be uploaded to any and all servers needing ssh access to and configured as above. This will allow you to log into the server without being prompted or needing to enter in your password!