SSH Usage (OpenSSH)

From Elvanör's Technical Wiki
Revision as of 15:23, 15 February 2007 by Elvanor (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

This article deals with SSH authentication and usage. SSH allows you to do many things, including sending commands to a remote server.

Public Key Authentication

  • Public key authentication allows you to log in via SSH, without supplying a password. The server will use your public key to send you a challenge, that you will decrypt on the client side with your private key. To get public key authentication working, follow the following steps:
    • Generate a RSA public/private key pair on the client with ssh-keygen.
    • Transfer the public key on the server, and append it to the file ~/.ssh/authorized_keys. Note that this is dependent on the user you want to log as; if you want to use your key to log in as several users, you must add it to the authorized_keys file of each user.
    • Make sure that the server configuration allows public key authentication.
  • Public key authentication requires strict permissions on several files and directories: $HOME, $HOME/.ssh/ and $HOME/.ssh/authorized_keys. Else it simply won't work. On $HOME, only the user should be able to write. On the $HOME/.ssh/ and $HOME/.ssh/authorized_keys, even read access should be restricted to the user.
  • Beware of the format of the id_rsa.pub file. If you make a mistake, for example add a new line, parsing will fail and will confuse OpenSSH.
Retrieved from "https://wiki.elvanor.net/index.php?title=SSH_Usage_(OpenSSH)&oldid=1641"