SSH key authentication freebsd
Too difficult to imagine Unix OS’s administrator which does not use ssh protocol (Secure SHell).
In this how-to I would like to show how easy to use SSH Public Key Based Authentication.
The most useful benefits for me in key authentication:
- ssh authentication without password
- ssh login from shell scripts
- security
There are just two steps to use ssh key authentication:
1. Generate SSH Keys on client.
2. Add public key to server.
1.Generating keys.
From user (which will run script or login on server) do command:
#ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/slim/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/slim/.ssh/id_rsa.
Your public key has been saved in /home/slim/.ssh/id_rsa.pub.
The key fingerprint is:
6c:62:f7:11:93:2d:47:90:66:80:88:43:c4:e3:95:7e slim@slim
The key's randomart image is:
+--[ RSA 2048]----+
| +o. o ....o. |
| = + . ++ |
| . = o= o |
| . . E. = |
| .o S . |
| . + . . |
| . |
| |
| |
+-----------------+
As result – 2 files in a ~/.ssh directory:
id_rsa – private key
id_rsa.pub – public key
2. Add public key on server.
By default public keys located in /home/user/.ssh/authorized_keys file.
So, you need to load id_rsa.pub file on server and concatenate(on server) it to authorized_keys file:
#cat id_rsa.pub >> /home/user/.ssh/authorized_keys
This will create authorized_keys if it does not exist.
That is all! Now you can try from client:
#ssh username@servername
How to use several keys for different servers read in next post.
Posted on March 26th, 2011 by admin
Filed under: Software
