Tool-BarfreeBSD ArticlesSearch Our SiteHOMEfreeBSD LinksContribute to FreeBSD HelpFreeBSD FilesFreeBSD Script Corner

"Setting up Basic RSA Authentication with OpenSSH."

This howto will guide you to setup rsa key for ssh authentication:

Step 1:
as root become the user on the box you want to setup these keys for:
su username

Step 2:
Once you are the user you want to use keys for, on the command line simply
type: ssh-keygen , a few options come up where to save these files simply
hit enter, for default.. it then asks for passphrase.. hit enter for none.
if you so choose to not use one, other wise type one? ;)

Step 3:
now become root on the server and cd /home/username/.ssh
(into the users directory you just did this for).

Step 4:
You will see 2 files identity and next type: mv authorized_keys (authorized_keys2) if you are using ssh2 protocol.

Step 5:
now you have the identity file still there, this is the file for the user to use to connect to the server with, and they should gaurd this file with there life and hide it on there box. once you are sure they have this file on there machine DELETE IT IMMEDIATELY from the directory /home/username/.ssh so it doesnt exist on the server any longer.

Step 6:
Server side configuration is now completed. if you are on windows just load this file (may need to rename for secure crt). Simply choose the appropriate protocol, ssh1 , enter username and point the public key option to this file you've saved. Connect to the server (this is roughly for secure crt only on windows)
For unix, simply type: ssh -l username -i /path/to/identity

and now your using a "basic" rsa authentication method for sshd connections.

if you wish to "only" use RSA authentication in sshd_config change
PasswordAuthentication yes -> to PasswordAuthentication no and -HUP the sshd.

For more information on key bit size and other information: man ssh-keygen
"this was a basic quick 10 minute howto" the manuals will get you into more detail.


Written by: Didjital1

© 1997 - 20013 Defcon1, , Copyrights for all materials on this web site are held by the individual authors, artists, photographers or creators. Materials may not be reproduced or otherwise distributed without permission of and the content's original author.

Tool-Bar-2Defcon1  Webmail