"Setting up Basic RSA Authentication with OpenSSH."
This howto will guide you to setup rsa key for ssh authentication:
Step 1: as root become the user on the box you want to setup these keys for: su username
Step 2: Once you are the user you want to use keys for, on the command line simply type: ssh-keygen , a few options come up where to save these files simply hit enter, for default.. it then asks for passphrase.. hit enter for none. if you so choose to not use one, other wise type one? ;)
Step 3: now become root on the server and cd /home/username/.ssh (into the users directory you just did this for).
Step 4: You will see 2 files identity and identity.pub next type: mv identity.pub authorized_keys (authorized_keys2) if you are using ssh2 protocol.
Step 5: now you have the identity file still there, this is the file for the user to use to connect to the server with, and they should gaurd this file with there life and hide it on there box. once you are sure they have this file on there machine DELETE IT IMMEDIATELY from the directory /home/username/.ssh so it doesnt exist on the server any longer.
Step 6: Server side configuration is now completed. if you are on windows just load this file (may need to rename identity.pub for secure crt). Simply choose the appropriate protocol, ssh1 , enter username and point the public key option to this file you've saved. Connect to the server (this is roughly for secure crt only on windows) For unix, simply type: ssh hostname.com -l username -i /path/to/identity
and now your using a "basic" rsa authentication method for sshd connections.
ps: if you wish to "only" use RSA authentication in sshd_config change PasswordAuthentication yes -> to PasswordAuthentication no and -HUP the sshd.
For more information on key bit size and other information: man ssh-keygen "this was a basic quick 10 minute howto" the manuals will get you into more detail.
Done.
Written by: Didjital1
|