[LINUX] SSH public key authentication was set for Sakura VPS Cent OS 7.7

Install Cent OS 7.7 on Sakura VPS and start from a clean state.

Update package

yum -y update

Log in with ssh to add users and set passwords

ssh [email protected]
adduser hogehoge
passwd hogehoge

Change permissions

cd ../
chmod 700 hogehoge

Make a key on your Mac

mkdir .ssh
cd .ssh
ssh-keygen -t rsa
Enter file in which to save the key (/Users/aya/.ssh/id_rsa): hogehoge #Name of any key
Enter passphrase (empty for no passphrase):
Enter same passphrase again:

The passphrase is optional, but don't forget it. You now have two files, "hogehoge_rsa" and "hogehoge_rsa.pub".

Send the key to the server and place it

scp hogehoge.pub [email protected]:~
ssh [email protected]
#hogehoge_rsa.Confirm that pub exists.
mkdir .ssh
chmod 700 .ssh
mv hogehoge_rsa.pub .ssh/authorized_keys
chmod 600 .ssh/authorized_keys

Editing sshd_config

vi /etc/ssh/sshd_config
#Port 22
Port xxxx

The port number should be 1024 or higher, preferably 49513 to 65535. This time, "49513" is used.

Prevent you from logging in as root

#PermitRootLogin yes
PermitRootLogin no

Public key authentication settings.

#PubkeyAuthentication yes
PubkeyAuthentication yes

Disable login with password

PasswordAuthentication yes
PasswordAuthentication no

If you change it so far, save it.

Restart sshd

systemctl restart sshd.service

Firewall settings

Rewrite port

vi /usr/lib/firewalld/services/ssh.xml
port protocol="tcp" port="22"/Rewrite "22" to "49513".

Firewall restart

systemctl reload firewalld.service

Check if SSH connection is possible

ssh [email protected] -i ~/.ssh/hogehoge_rsa -p 49513

Key setting on mac side

vi ~/.ssh/config
Host ops
    Hostname xxx.xxx.xxx.xxx
    User hogehoge
    Port 49513
    IdentityFile ~/.ssh/hogehoge_rsa
    IdentitiesOnly yes

Check if you can connect

ssh hogehoge

I referred to this article. https://qiita.com/sugasaki/items/a297f0404bd5fe0d818a

Recommended Posts

SSH public key authentication was set for Sakura VPS Cent OS 7.7
How to set up public key authentication in ssh
Set public key authentication when connecting with SSH in Teraterm
Ssh login with public key authentication quickly
[Linux setting series] How to set public key authentication / ssh-keygen / ssh key / authorized_keys
Use ssh with private key public key authentication. Connect from wan.
Ubuntu (18.04.3) SSH edition Key authentication
Ssh connection using public key
Until you can borrow VPS with Conoha and authenticate public key with SSH