Fedora 11
Sponsored Link

Keys Authentication
2009/06/10
  Configure SSH server to login with Keys Authentication. It is needed for it to make private key for client and public key for server.

[1] Login as a user you'd like to configure for Keys Authentication.
[fedora@dlp ~]$
ssh-keygen -t rsa

Generating public/private rsa key pair.
Enter file in which to save the key (/home/fedora/.ssh/id_rsa):
Created directory '/home/fedora/.ssh'.
Enter passphrase (empty for no passphrase):  
# set any password

Enter same passphrase again:  
# verify

Your identification has been saved in /home/fedora/.ssh/id_rsa.
Your public key has been saved in /home/fedora/.ssh/id_rsa.pub.
The key fingerprint is:
xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx fedora@dlp.server-world.info
[fedora@dlp ~]$
cd .ssh

[fedora@dlp .ssh]$
mv id_rsa.pub authorized_keys

[fedora@dlp .ssh]$
chmod 600 authorized_keys

[fedora@dlp .ssh]$
cat id_rsa


# Copy all in this file like below and Paste into a file on Windows client computer.

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
*******************************
*******************************
-----END RSA PRIVATE KEY-----

[fedora@dlp .ssh]$
rm -f id_rsa

[fedora@dlp .ssh]$
su -

Password:
[root@dlp ~]#
vi /etc/ssh/sshd_config


# line 64: change

PasswordAuthentication
no


[root@dlp ~]#
/etc/rc.d/init.d/sshd restart

Stopping sshd:
[  OK  ]

Starting sshd:
[  OK  ]
[2] Download PuTTYgen and start it on Windows client computer. And next, Click [File]-[Load private key] like below. Then, Choose a file which is private key that you made in section [1].

[3] Click 'Load' button and load private key you made.
 
[4] You need to answer with passphrase for private key which you set in section [1].
 
[5] The message below is shown.
 
[6] Click the button 'Save private key' and Save it in any place you like on your computer.
 
[7] Start putty and move to 'Auth' section like below. next, Select the private key you saved in previous section.
 
[8] Back to the 'Session' section and input server's IP address to login.
 
Matched Content
 
Tweet