Setting up sshd for Public Key Authentication

To create key only authentication the users public key needs to be put on the server in their home directory under .ssh/authorizated_keys.

Create the users private key on their workstation:

# ssh-keygen -t rsa

Send the private key to the server:

# cat .ssh/id_rsa.pub | ssh newmachine “cat >> .ssh/authorized_keys”

Make sure the authorized_keys file it set to the correct permissions.

Login to the server and change the permissions.

chmod 644 .ssh/authorized_keys

Configured sshd to use the key autentication and disable password authentication

# vi /etc/ssh/sshd_config

Make sure the following lines are in the file:

PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no

Save the file.

Restart sshd

/etc/init.d/sshd restart

Test by connecting from the users workstation. They should be logged in right away without the need for a password. Try to login from the server, there should be an error message.

See http://open.bsdcow.net/tutorials/ssh_pubkey_auth for more information.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>