SSH/Public Key Authentication: Difference between revisions
Jump to navigation
Jump to search
(Created page with "== References== * [https://gist.github.com/shahedhossain/73adbb5d812786875705a26c0c174928 Fedora SSH Client Public Key Authentication] * [https://www.raspberrypi.org/documenta...") |
No edit summary |
||
| Line 1: | Line 1: | ||
<syntaxhighlight lang="bash"> | |||
#################### CLIENT SIDE #################### | |||
# generating a new ssh key and adding it to the ssh client | |||
# https://gist.github.com/shahedhossain/7d91028ba1eb9c56049ea421a12e76fd | |||
# ssh key generation for chorke | |||
ssh-keygen -t rsa -b 4096 -C "[email protected]" | |||
# Generating public/private rsa key pair. | |||
# Enter a file in which to save the key (/Users/user/.ssh/id_rsa): [Press enter] | |||
# Enter passphrase (empty for no passphrase): [Type a passphrase] | |||
# Enter same passphrase again: [Type passphrase again] | |||
# rpi_chorke_rsa add to ~/.ssh/config | |||
Host rpi.chorke.org | |||
HostName 139.59.51.80 | |||
# PreferredAuthentications publickey | |||
IdentityFile ~/.ssh/rpi_chorke_rsa | |||
Port 4321 | |||
# copy root/misc public key to ~/.ssh/authorized_keys for each users | |||
ssh-copy-id -i ~/.ssh/rpi_chorke_rsa.pub [email protected] -p 4321 | |||
ssh-copy-id -i ~/.ssh/rpi_chorke_rsa.pub [email protected] -p 4321 | |||
#################### SERVER SIDE #################### | |||
# for disable password authentication | |||
# & enable public key authentication | |||
# edit by /etc/ssh/sshd_config | |||
PasswordAuthentication no | |||
PubkeyAuthentication yes | |||
# after edit save & exit restart sshd | |||
# to update sshd configuration | |||
# systemctl restart sshd | |||
service sshd restart | |||
#################### CLIENT SIDE #################### | |||
# root user public key | |||
# Enter passphrase for key '/Users/user/.ssh/rpi_chorke_rsa': | |||
# misc user public key | |||
# Enter passphrase for key '/Users/user/.ssh/rpi_chorke_rsa': | |||
#################### CLIENT SIDE #################### | |||
# root user password disabled | |||
ssh [email protected] -p 4321 | |||
# [email protected]: Permission denied (publickey,gssapi-keyex,gssapi-with-mic). | |||
# misc user password disabled | |||
ssh [email protected] -p 4321 | |||
# [email protected]: Permission denied (publickey,gssapi-keyex,gssapi-with-mic). | |||
</syntaxhighlight> | |||
== References== | == References== | ||
* [https://gist.github.com/shahedhossain/73adbb5d812786875705a26c0c174928 Fedora SSH Client Public Key Authentication] | * [https://gist.github.com/shahedhossain/73adbb5d812786875705a26c0c174928 Fedora SSH Client Public Key Authentication] | ||
* [https://www.raspberrypi.org/documentation/remote-access/ssh/passwordless.md Raspberry Pi Public Key Authentication] | * [https://www.raspberrypi.org/documentation/remote-access/ssh/passwordless.md Raspberry Pi Public Key Authentication] | ||
Revision as of 23:58, 2 November 2018
#################### CLIENT SIDE ####################
# generating a new ssh key and adding it to the ssh client
# https://gist.github.com/shahedhossain/7d91028ba1eb9c56049ea421a12e76fd
# ssh key generation for chorke
ssh-keygen -t rsa -b 4096 -C "[email protected]"
# Generating public/private rsa key pair.
# Enter a file in which to save the key (/Users/user/.ssh/id_rsa): [Press enter]
# Enter passphrase (empty for no passphrase): [Type a passphrase]
# Enter same passphrase again: [Type passphrase again]
# rpi_chorke_rsa add to ~/.ssh/config
Host rpi.chorke.org
HostName 139.59.51.80
# PreferredAuthentications publickey
IdentityFile ~/.ssh/rpi_chorke_rsa
Port 4321
# copy root/misc public key to ~/.ssh/authorized_keys for each users
ssh-copy-id -i ~/.ssh/rpi_chorke_rsa.pub [email protected] -p 4321
ssh-copy-id -i ~/.ssh/rpi_chorke_rsa.pub [email protected] -p 4321
#################### SERVER SIDE ####################
# for disable password authentication
# & enable public key authentication
# edit by /etc/ssh/sshd_config
PasswordAuthentication no
PubkeyAuthentication yes
# after edit save & exit restart sshd
# to update sshd configuration
# systemctl restart sshd
service sshd restart
#################### CLIENT SIDE ####################
# root user public key
ssh [email protected]
# Enter passphrase for key '/Users/user/.ssh/rpi_chorke_rsa':
# misc user public key
ssh [email protected]
# Enter passphrase for key '/Users/user/.ssh/rpi_chorke_rsa':
#################### CLIENT SIDE ####################
# root user password disabled
ssh [email protected] -p 4321
# [email protected]: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
# misc user password disabled
ssh [email protected] -p 4321
# [email protected]: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).