Next, connect to the remote host through SSH, with the username you used in the step above. For instance, if you used root as the username, the file will be found in the /root directory and if you used a normal user, the file will be in the /home/er/ directory. ssh/id_rsa.pub command will copy the id_rsa.pub file in the $HOME directory. It's recommended you use scp as the file transfer utility:
Once the public key has been generated, it's time to upload it on any Linux systems you usually log into. Your public key has been saved in /root/.ssh/id_rsa.pub. Your identification has been saved in /root/.ssh/id_rsa. However, the upside is that you only have to remember this one passphrase for all the systems you access via RSA authentication and you can change the passhrase later with "ssh-keygen -p".) (The password you enter here will need to be entered every time you use the RSA key but fortunately, you can set NO passphrase by pressing Enter. (It's safe to press enter here, as the /root/.ssh is the default and recommended directory to hold the RSA file.)Įnter passphrase (empty for no passphrase): The first field is optional, bits, exponent and modulus fields give the RSA key and the last field isn't used at all in the authentication process, but it will be somewhat convenient to the user, for instance to know which key is for which machine.īefore we start, make sure your computer has a ssh client installed and the remote Linux system has ssh installed and sshd running, with RSA authentication enabled ( RSAAuthentication yes in /etc/ssh/sshd_config).įirst, you will need to generate the local RSA key:Įnter file in which to save the key (/root/.ssh/id_rsa): Each line contains one key, which consists of the following fields: options, bits, exponent, modulus and comment. The $HOME/.ssh/authorized_keys file contains the RSA keys allowed for RSA authentication.
If your daily activity requires loging in a lot of Linux systems through SSH, you will be happy to know (if you don't already) that there's a way to allow secure, authenticated remote access, file transfer, and command execution without having to remember passwords for each individual host you connect.
0 kommentar(er)
