24.3 C
Sunday, July 14, 2024

Setting up sshd for Public Key Authentication

Must read

To create key only authentication the users public key needs to be put on the server in their home directory under .ssh/authorizated_keys.

Create the users private key on their workstation:

# ssh-keygen -t rsa

Send the private key to the server:

# cat .ssh/id_rsa.pub | ssh newmachine “cat >> .ssh/authorized_keys”

Make sure the authorized_keys file it set to the correct permissions.

Login to the server and change the permissions.

chmod 644 .ssh/authorized_keys

Configured sshd to use the key autentication and disable password authentication

# vi /etc/ssh/sshd_config

Make sure the following lines are in the file:

PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no

Save the file.

Restart sshd

/etc/init.d/sshd restart

Test by connecting from the users workstation. They should be logged in right away without the need for a password. Try to login from the server, there should be an error message.

See http://open.bsdcow.net/tutorials/ssh_pubkey_auth for more information.

More articles


Please enter your comment!
Please enter your name here

Latest article