[LINUX] How to set up public key authentication in ssh

Introduction

There is a lot of suspicious information about the public key authentication method, so I organized it myself. If you make a mistake, I would appreciate it if you could comment.

Work procedure

All of the following operations are performed by ** general users (logged-in users) **. No administrator privileges required.

Key generation

<** Working with ssh client **>

If you don't have a public key and a private key, create one with ssh-keygen. If you have made it in the past, you will reuse it. (The private key is the user's own proof, so even if a user logs in to multiple servers You will be logged in to multiple servers with the same key)

When you execute the command, you will be asked for the file name, but basically the default is fine. If you enter a password (like something), two files will be created in'.ssh /'in your home directory. ʻId_rsa.pub is a public key that you can tell others. ʻId_rsa is a private key and should not be told to anyone. When I check the read permission with ls -l, ʻid_rsa` can only be read by myself.

Public key registration

<** Working on ssh server **>

Create a file called ʻauthorized_keys in .ssh / (create if not) directly under the home directory of the user who logs in. If there is, add it. For the contents of the file (or the contents to be added), copy the line of public key information = ʻid_rsa.pub as it is.

If you create a new directory .ssh and file ʻauthorized_keys, change the permissions with chmod`.

chmod 700 .ssh
cd .ssh
chmod 600 authorized_keys

Supplement

You should be able to log in to the server with the steps up to this point.

You don't have to copy both the public and private keys to the server, you can log in if the client has a key pair and the server has authorized_keys. However, if you use multi-stage ssh to log in to another location from there, you will think that the bastion server will be the ssh client, and put the public key and private key there as well. Understand this and don't unnecessarily scatter copies of your keys.

Recommended Posts

How to set up public key authentication in ssh
[Linux setting series] How to set public key authentication / ssh-keygen / ssh key / authorized_keys
Set public key authentication when connecting with SSH in Teraterm
How to import Python library set up in EFS to Lambda
How to generate a public key from an SSH private key
Ssh login with public key authentication quickly
Log in to Raspberry PI with ssh without password (key authentication)
How to set up SVM using Optuna
[SSH] About public key authentication and EC2
SSH public key authentication was set for Sakura VPS Cent OS 7.7
How to set up a jupyter notebook on ssh destination (AWS EC2)
How to set up Random forest using Optuna
How to set browser location in Headless Chrome
How to set up Random forest using Optuna
How to set up a local development server
How to Mock a Public function in Pytest
The easiest way to set up Last-Modified in Flask
How to set up a Python environment using pyenv
[Ansible] How to use SSH password authentication when executing ansible
How to set up and compile your Cython environment
Stop SSH password authentication and switch to key authentication completely
[Amazon Linux 2] Change from public key authentication to password authentication
Ubuntu (18.04.3) SSH edition Key authentication
How to develop in Python
Set up Nunjucks in Node.js
Ssh connection using public key
How to set up Ubuntu for Windows Subsystem for Linux 2 (WSL2)
[python] How to check if the Key exists in the dictionary
How to set the html class attribute in Django's forms.py
Use ssh with private key public key authentication. Connect from wan.
How to set up a simple SMTP server that can be tested locally in Python
How to set the output resolution for each keyframe in Blender
[Python] How to do PCA in Python
How to handle session in SQLAlchemy
How to use classes in Theano
How to write soberly in pandas
How to collect images in Python
Set opset to embed in ONNX
How to update Spyder in Anaconda
How to use SQLite in Python
How to judge that the cross key is input in Python3
How to set up and use OMC Log Analytics --Linux version -
How to convert 0.5 to 1056964608 in one shot
How to reflect CSS in Django
How to kill processes in bulk
How to use Mysql in python
How to wrap C in Python
How to use ChemSpider in Python
How to use PubChem in Python
How to speed up Python calculations
How to run TensorFlow 1.0 code in 2.0
How to set up the development environment of ev3dev [Windows version]
How to handle Japanese in Python
How to log in to Docker + NGINX
How to call PyTorch in Julia
How to set proxy, redirect and SSL authentication for Python Requests module
Summary of how to set up major Python Lint (pep8, pylint, flake8)
How to use calculated columns in CASTable
[Blender] How to set shape_key with script
[Introduction to Python] How to use class in Python?
How to suppress display error in matplotlib