Showing posts from June, 2015

SSH - Key-based Authentication

SSH has many way to authenticate user, and commonly, password based authentication is used.

Password based authentication is easy to setup and use, however, it poses a lot of security challenges.

An alternate way to log into SSH enabled system is key-based authentication. Key based authenticate makes use of public key infrastructure where a public and private key pair is used for authentication. While the private key should be held in secret by the user, the public key will be uploaded to the SSH remote server for authentication.

Below are the steps to enable key based authentication for a User A to log into remote server via SSH as User B

1. As User A, use ssh-keygen to generate a pair of authentication key without a pass phase

$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/userA/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/userA/.ssh/id_rsa.