Aim
OS: ubuntu 18.04 64 bit
We want to have a ssh server that only accept login through rsa public key.
Installation
$ sudo apt-get install openssh-client openssh-server openssl
Server setting
$ sudo sed -i 's/^PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config$ sudo sed -i 's/^PubkeyAuthentication no/PubkeyAuthentication yes/' /etc/ssh/sshd_config
$ sudo vim /etc/ssh/sshd_config ------------------------------------ PubkeyAuthentication yes PasswordAuthentication no ------------------------------------ $ sudo systemctl restart sshd.service
Generate rsa key pairs
$ ssh-keygen -t rsa -b 4096 -C "testing@gmail.com" Generating public/private rsa key pair. Enter file in which to save the key (/home/sulfred/.ssh/id_rsa): id_testing Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in id_testing. Your public key has been saved in id_testing.pub. The key fingerprint is: SHA256:6F/Pnyj3A96+qgSGrw4hQc+O2x2xrdBGA5lmznqllOY testing@gmail.com The key's randomart image is: +---[RSA 4096]----+ | . .o | | . o=. | | .=o.+ | | +*o.B | | o=+oB S | | .+E* = . . | | ..o + . o. o | | . o o.oo.o. | | .o . .+==*o | +----[SHA256]-----+
Add Authorized keys to server
$ cat id_testing.pub >> ~/.ssh/authorized_keys $ ls -hal ~/.ssh ------------------------------------ -r--r--r-- 1 you you 405 Jun 7 09:42 authorized_keys -rw------- 1 you you 3.2K Jun 7 10:48 id_testing -rw-r--r-- 1 you you 743 Jun 7 10:48 id_testing.pub
------------------------------------ $ sudo service ssh restart
沒有留言:
發佈留言