SSH: Difference between revisions
Jump to navigation
Jump to search
(Created page with "SSH Key Setup Key Authentication with PuTTY Server-side Begin with generating proper folder permissions for .ssh Make sure you're under the proper user before entering code...") |
No edit summary |
||
| Line 1: | Line 1: | ||
SSH Key Setup | ==SSH Key Setup== | ||
Key Authentication with PuTTY | ===Key Authentication with PuTTY=== | ||
Server-side | ====Server-side==== | ||
Begin with generating proper folder permissions for .ssh | * Begin with generating proper folder permissions for .ssh | ||
* Make sure you're under the proper user before entering code | |||
<syntaxhighlight lang="bash"> | |||
ssh-keygen | |||
</syntaxhighlight> | |||
Accept defaults for all prompts: [enter] | Accept defaults for all prompts: [enter] | ||
Now create an authorized keys file under the .ssh folder created, and set permissions | Now create an authorized keys file under the .ssh folder created, and set permissions | ||
<syntaxhighlight lang="bash"> | |||
touch /home/<username>/.ssh/authorized_keys | touch /home/<username>/.ssh/authorized_keys | ||
chmod 600 /home/<username>/.ssh/authorized_keys | chmod 600 /home/<username>/.ssh/authorized_keys | ||
PuttyGen | </syntaxhighlight> | ||
====PuttyGen==== | |||
Inside of the puttygen program generate a key that will be used for connecting to the server | Inside of the puttygen program generate a key that will be used for connecting to the server | ||
Under Actions heading click on Generate to generate a key pair | # Under Actions heading click on Generate to generate a key pair | ||
When done, click on Save Private Key, and name it priv.ppk | # When done, click on Save Private Key, and name it priv.ppk | ||
Manually copy and paste the public key starting from "ssh-rsa" down to the end of the key ending in "rsa-key-<numbers>" into a new file named public | # Manually copy and paste the public key starting from "ssh-rsa" down to the end of the key ending in "rsa-key-<numbers>" into a new file named public | ||
# Once you're done with this make sure to move a copy of the files into a new entry for KeePass | |||
Once you're done with this make sure to move a copy of the files into a new entry for KeePass | |||
Server-side | ====Server-side==== | ||
Copy the text of the public key you created, and insert it into the authorized_keys file: | Copy the text of the public key you created, and insert it into the authorized_keys file: | ||
<syntaxhighlight lang="bash"> | |||
vim /home/<username>/.ssh/authorized_keys | vim /home/<username>/.ssh/authorized_keys | ||
</syntaxhighlight> | |||
Apply the key to a separate ssh session to make sure you've done everything correctly | Apply the key to a separate ssh session to make sure you've done everything correctly | ||
Now to disallow root login and change other configuration for ssh: | Now to disallow root login and change other configuration for ssh: | ||
<syntaxhighlight lang="bash"> | |||
sudo -i | sudo -i | ||
</syntaxhighlight> | |||
(you are now under the root user) | |||
<syntaxhighlight lang="bash"> | |||
vim /etc/ssh/sshd_config | vim /etc/ssh/sshd_config | ||
</syntaxhighlight> | |||
Within the config change settings to match the following !!Remove # sign if applicable!! | |||
PermitRootLogin no | |||
PasswordAuthentication no | |||
UsePAM no | |||
Finally, Restart the sshd service to enable these changes: | Finally, Restart the sshd service to enable these changes: | ||
<syntaxhighlight lang="bash"> | |||
sudo systemctl restart sshd | sudo systemctl restart sshd | ||
</syntaxhighlight> | |||
[[Category:Linux]] | [[Category:Linux]] | ||
Latest revision as of 14:45, 26 March 2020
SSH Key Setup
Key Authentication with PuTTY
Server-side
- Begin with generating proper folder permissions for .ssh
- Make sure you're under the proper user before entering code
ssh-keygen
Accept defaults for all prompts: [enter]
Now create an authorized keys file under the .ssh folder created, and set permissions
touch /home/<username>/.ssh/authorized_keys
chmod 600 /home/<username>/.ssh/authorized_keys
PuttyGen
Inside of the puttygen program generate a key that will be used for connecting to the server
- Under Actions heading click on Generate to generate a key pair
- When done, click on Save Private Key, and name it priv.ppk
- Manually copy and paste the public key starting from "ssh-rsa" down to the end of the key ending in "rsa-key-<numbers>" into a new file named public
- Once you're done with this make sure to move a copy of the files into a new entry for KeePass
Server-side
Copy the text of the public key you created, and insert it into the authorized_keys file:
vim /home/<username>/.ssh/authorized_keys
Apply the key to a separate ssh session to make sure you've done everything correctly
Now to disallow root login and change other configuration for ssh:
sudo -i
(you are now under the root user)
vim /etc/ssh/sshd_config
Within the config change settings to match the following !!Remove # sign if applicable!!
PermitRootLogin no PasswordAuthentication no UsePAM no
Finally, Restart the sshd service to enable these changes:
sudo systemctl restart sshd