Monday, February 24, 2014

Creating Key Based Authentication in Linux using SSH




If you don't want to enter a password every time you log in to your Linux system, you can turn off password based authentication and use key based authentication instead. If you are an AWS user, you will have seen that AWS provides key based authentication for Linux operating systems: you use the private key to authenticate yourself to the Linux machine hosted in the AWS cloud.

Let’s start the drama

Step 1:  Key Pair Generation 

To generate the key pair you can use PuTTYgen.
Open PuTTYgen -> click the Generate button -> move the mouse over the blank area of the PuTTYgen window.




Save the public and private keys by pressing the Save public key and Save private key buttons.


After saving the public and private keys, go to the Conversions menu, choose Export OpenSSH key, and save that key somewhere on your hard disk.



Step 2: Exporting keys to Linux server.

In this step we will export the keys to the Linux host.
Log in to the Linux server with PuTTY or whichever way you prefer. I recommend PuTTY and SSH.
Now create a directory .ssh, if it does not already exist, in the home directory of the user for whom you want to allow key based authentication. For example, for user y the directory path will be /home/y/.ssh.
Now create a file named id_dsa in the .ssh directory.

 

Paste the contents of the OpenSSH key file you generated using PuTTYgen into this id_dsa file, and then change the permissions of id_dsa to 600.
 


After this, in the terminal inside the .ssh directory, run the commands as shown below.







Now you have both the public and private keys, as id_dsa.pub and id_dsa.

Now create a file authorized_keys in the same directory.



Then paste the contents of the id_dsa.pub file into the authorized_keys file.


Step 3: Setting Authentication method

In this step we will set key based authentication as the authentication method.
Open the file /etc/ssh/sshd_config, search for PasswordAuthentication, remove the # from the beginning of the line, change yes to no, then save and close the file.


                            

                           





Now you are done with the configuration.
Restart the ssh service and then try logging in from PuTTY using the private key file; this is the private key you generated after creation of the key pair.
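
A read-only check of the finished setup from Steps 2 and 3, added here as an example (it is not from the original post): it confirms the .ssh permissions, flags any private key left on the server, and reports whether password logins are really disabled. The function names and the paths passed in are assumptions, and it reads only the global section of the sshd_config file you give it.

```sh
#!/bin/sh
# Added example: read-only audit of Steps 2 and 3. Function names are hypothetical.

# Effective PasswordAuthentication value in an sshd_config file. sshd uses the
# FIRST uncommented occurrence of a keyword (case-insensitive); when the line
# is still commented out, the default "yes" applies.
# Assumption: global section only (stops at the first Match, ignores Include).
effective_password_auth() {
    awk '
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == "passwordauthentication" { print tolower($2); found = 1; exit }
        END { if (!found) print "yes" }
    ' "$1"
}

# Succeeds when the mode grants nothing to group or other (700 / 600).
owner_only() {
    mode=$(stat -c '%a' "$1" 2>/dev/null) || return 2
    case "$mode" in
        *00) return 0 ;;
        *)   return 1 ;;
    esac
}

# Files in the directory that hold a private key (PEM-style header line).
private_keys_in() {
    grep -l -e '-----BEGIN .*PRIVATE KEY-----' "$1"/* 2>/dev/null || true
}

# usage: audit_ssh_setup /home/y/.ssh /etc/ssh/sshd_config
audit_ssh_setup() {
    dir=$1; cfg=$2; rc=0
    owner_only "$dir" || { echo "WARN: $dir should be mode 700"; rc=1; }
    owner_only "$dir/authorized_keys" ||
        { echo "WARN: authorized_keys missing or not mode 600"; rc=1; }
    keys=$(private_keys_in "$dir")
    [ -z "$keys" ] || { echo "WARN: private key stored on server: $keys"; rc=1; }
    [ "$(effective_password_auth "$cfg")" = "no" ] ||
        { echo "WARN: password logins are still enabled in $cfg"; rc=1; }
    return "$rc"
}

if [ "$#" -eq 2 ]; then audit_ssh_setup "$1" "$2"; fi
```

sshd only reads the public key line in authorized_keys, so the private id_dsa copy on the server can be deleted once authorized_keys is in place. Keep your current session open while you test the key login after the restart.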