Psychz - Luis
Posted On: Sep 23, 2015 14:50:56
This article briefly goes over the creation of RSA keys on a Linux/Unix machine. Two key types exist for this kind of authentication, RSA and DSA. They are used much like SSL: a private/public key pair lets the receiving host know that the person trying to connect is authorized to enter.
RSA provides encryption, digital signatures and key distribution. 2048-bit encryption.
DSA provides only digital signatures. It is faster than RSA when creating a signature, but slower to analyze/validate the signature token. 1024-bit encryption.
Generating keys using '''ssh-keygen -t rsa'''
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
1. The path of id_rsa, which is the private key used to decrypt and encrypt sessions.
2. The secret passphrase for the keys. I don't put anything, since sometimes RSA keys are used for automating backups and password input can cause problems.
3. The public RSA key location, '''/root/.ssh/id_rsa.pub'''. This is what you provide to the remote server for authenticating.
Sending ssh keys over to a new host
ssh-copy-id -i /root/.ssh/id_rsa.pub root@x.x.x.x
If you are unable to copy it over, simply '''cat /root/.ssh/id_rsa.pub''' and give the entire key to the remote server administrator.
If you want to force your SSH server to allow only RSA/DSA logins, do the following.
Edit '''/etc/ssh/sshd_config''' with vi or nano and make the following changes:
PasswordAuthentication no
ChallengeResponseAuthentication no
Save the file and restart ssh:
/etc/init.d/sshd restart
These instructions have been tested on Red Hat Linux, Debian, Ubuntu, and BSD.
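A check to run on the edited '''/etc/ssh/sshd_config''' before the restart step, added here as an example and not part of the original article: sshd uses the first value it reads for each keyword, so an earlier '''PasswordAuthentication yes''' left in the file overrides a '''no''' added further down. The function names and the sample config are constructed for illustration, and an unset keyword is assumed to fall back to the OpenSSH default of yes.

```sh
#!/bin/sh
# Added example (not from the original article). Function names are hypothetical.

# Print the value sshd would use for global keyword $2 in config file $1.
# sshd keeps the FIRST value it reads for a keyword; later duplicates are
# ignored. Lines after a Match line are conditional, so scanning stops there.
# Limitation: Include files are not followed.
sshd_first_value() {
    awk -v want="$2" '
        /^[ \t]*#/ || NF == 0 { next }          # comments and blank lines
        { sub(/=/, " ") }                       # accept "Keyword=value"
        tolower($1) == "match" { exit }         # end of the global section
        tolower($1) == tolower(want) {
            v = tolower($2); gsub(/"/, "", v)
            print v; found = 1; exit
        }
        END { if (!found) print "unset" }
    ' "$1"
}

# Return 0 only if both settings from the article are effectively "no".
# Assumption: an unset keyword falls back to the OpenSSH default ("yes"),
# so "unset" is reported as a failure.
key_only_logins() {
    rc=0
    for kw in PasswordAuthentication ChallengeResponseAuthentication; do
        val=$(sshd_first_value "$1" "$kw")
        printf '%-32s %s\n' "$kw" "$val"
        [ "$val" = "no" ] || rc=1
    done
    return "$rc"
}

# Constructed sample: "no" was appended at the end of the file, but an
# earlier line still says "yes", so password logins stay enabled.
demo() {
    tmp=$(mktemp)
    cat > "$tmp" <<'EOF'
Port 22
PasswordAuthentication yes
ChallengeResponseAuthentication no
PasswordAuthentication no
EOF
    if key_only_logins "$tmp"; then echo "OK: key-only logins"
    else echo "FAIL: password-style login is still enabled"; fi
    rm -f "$tmp"
}
demo
```

On the server itself, '''sshd -t''' validates the file and '''sshd -T''' prints the effective settings; keep an existing session open while restarting so that a mistake does not lock you out.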