Introduction
We want to have a ssh server that only accept login through rsa public key.
## install the application ## $ sudo apt-get install openssh-client openssh-server openssl ## update the configuration ## $ sudo sed -i 's/^PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config $ sudo sed -i 's/^PubkeyAuthentication no/PubkeyAuthentication yes/' /etc/ssh/sshd_config $ sudo vim /etc/ssh/sshd_config ------------------------------------ PubkeyAuthentication yes PasswordAuthentication no ------------------------------------ $ sudo systemctl restart sshd.service ## generate key pair ## $ ssh-keygen -t rsa -b 4096 -C "testing@gmail.com" Generating public/private rsa key pair. Enter file in which to save the key (/home/sulfred/.ssh/id_rsa): id_testing Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in id_testing. Your public key has been saved in id_testing.pub. The key fingerprint is: SHA256:6F/Pnyj3A96+qgSGrw4hQc+O2x2xrdBGA5lmznqllOY testing@gmail.com The key's randomart image is: +---[RSA 4096]----+ | . .o | | . o=. | | .=o.+ | | +*o.B | | o=+oB S | | .+E* = . . | | ..o + . o. o | | . o o.oo.o. | | .o . .+==*o | +----[SHA256]-----+ ## install the key information to server ## $ cat id_testing.pub >> ~/.ssh/authorized_keys $ sudo service ssh restart
Comments
Post a Comment