Working with SSH Keys

Security

To authenticate to an SSH server with a key rather than a password, I did the following:

  1. Generate a key set (public and private)
  2. Copy the public key to the remote server I wish to authenticate to
  3. Copy the contents of the public key into the “authorized_keys” file in my profile on that server
  4. Ensured the permissions on the files and directories are secure.

Generate a pair of keys on your local host:

#ssh-keygen -t dsa

Now copy your public key (id_dsa.pub) to your home directory on the remote server. Then you’ll log into that server and do the following from your home directory:

#mkdir .ssh
#chmod 700 .ssh
#cd .ssh
#touch authorized_keys
#chmod 600 authorized_keys
#cat ../id_dsa.pub >> authorized_keys
#rm ../id_dsa.pub

This will create the “authorized_keys” file that contains a list of SSH keys this server allows you to connect with. If connect to this machine from multiple machines with multiple keys, each key will have to be added to this file.

Now when you ssh to that server, you’ll be authenticated with your key instead of a password.

posted by Michael on 07.29.05 @ 7:03 pm |

[...] At this point you’re done! Couple this with using SSH keys and these sshd_config changes and you’re on your way to a secure SSH daemon. [...]

By mcwresearch.com » Using Denyhosts to secure SSHD on 05.02.06 1:33 pm

RSS feed for comments on this post. TrackBack URI