Psychz - Raviteja
Posted On: Mar 06, 2018 01:46:37
SSH (Secure Shell) is a protocol used to establish a connection with remote hosts. SSH works on the client-server model: the local host runs an SSH client, which connects to the SSH server installed on the remote host. Once the SSH client is installed, we can connect to the remote SSH server.
Multiple Levels of Authentication
The SSH protocol supports multiple levels of authentication. When you connect to the remote host via SSH, it prompts for a password. The password can be thought of as the primary level of authentication. However, if another user obtains your password, they can easily access the connection. Hence, SSH also provides another type of authentication called SSH keys. Once the SSH keys are set up, you can disable the password at login, as the keys take care of the authentication. Otherwise, you will have to enter the password each time you connect to the remote host via SSH.
Authentication through SSH key pair
The SSH keys are a pair consisting of a public key and a private key. These keys are generated with a command and are stored on your local machine. The public key is transferred to the remote server you want to set up an SSH connection with. During authentication, the connection is established only if your private key matches the public key stored on the remote server. Otherwise, an error message is returned.
The steps required for setting up SSH keys are described below.
SSH Key Pair Generation
1. Please use the following command to create the SSH key pair.
ssh-keygen -t rsa
2. You will now have to enter the location in which you want to save the key. If you press Enter without entering a location, the key is stored in the default path, i.e., "/home/current_user/.ssh/id_rsa".
3. Once the file is saved, a prompt will be displayed asking for a passphrase. The passphrase is another level of authentication and you will have to enter the passphrase every time you establish a connection. If you don't want a passphrase, leave the field empty.
4. The private key is now located in "/home/current_user/.ssh/id_rsa" and the public key in "/home/current_user/.ssh/id_rsa.pub".
Transferring Public key to Remote Server
1. The public key can be transferred to the remote host using the "ssh-copy-id" command.
ssh-copy-id username@IP_address_of_remote_host
2. Once you have transferred the public key to the remote host, you can disable the password required at the time of login.
Disable Password for Root Login
1. The SSH configuration file is stored in "/etc/ssh/sshd_config". Please edit the file with any editor of your choice, such as nano or vi.
We are using the vi editor in this case.
sudo vi /etc/ssh/sshd_config
2. The file includes a line "PasswordAuthentication". Please uncomment it by removing the "#" symbol. Then edit the file as shown below.
PasswordAuthentication no
3. Also, check that the following lines are set as shown.
PubkeyAuthentication yes
ChallengeResponseAuthentication no
4. Restart the SSH services for the changes to take effect.
service sshd restart (for the CentOS operating system)
sudo systemctl restart ssh (for the Ubuntu operating system)
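A check for the edits in steps 2 and 3 above, as an added example that is not part of the original article: sshd uses the first uncommented value it reads for each keyword, so a line that is still commented out, or a new line appended below an existing one, leaves password logins enabled. The function names and the sample file are constructed for illustration; Include files and Match blocks are not evaluated, and the defaults assumed are those of upstream OpenSSH.

```sh
# Added example; function names are hypothetical, sample config is constructed.

# effective_value FILE KEYWORD DEFAULT
# Prints the first uncommented value of KEYWORD in the global section (before
# any Match block), or DEFAULT if absent. sshd keeps the first value it reads.
effective_value() {
    awk -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key); val = def }
        { sub(/^[ \t]+/, "") }               # strip leading whitespace
        /^#/ || /^$/ { next }                # commented-out or blank line
        tolower($1) == "match" { exit }      # conditional blocks are out of scope
        {
            line = $0
            sub(/[ \t]*=[ \t]*/, " ", line)  # also accept "Keyword=value"
            n = split(line, f, /[ \t]+/)
            if (n >= 2 && tolower(f[1]) == key) { val = f[2]; exit }
        }
        END { print val }
    ' "$1"
}

# audit_sshd_config FILE
# Returns 0 only when the three settings from the steps above are in effect.
# Columns in the list below: keyword, expected value, upstream OpenSSH default.
audit_sshd_config() {
    rc=0
    while read -r key want def; do
        got=$(effective_value "$1" "$key" "$def")
        if [ "$got" = "$want" ]; then
            echo "ok    $key $got"
        else
            echo "FAIL  $key is '$got', expected '$want'"
            rc=1
        fi
    done <<EOF
PasswordAuthentication no yes
PubkeyAuthentication yes yes
ChallengeResponseAuthentication no yes
EOF
    return "$rc"
}

# Constructed sample: "PasswordAuthentication no" was appended below an
# existing "yes" line, so the earlier value wins and passwords still work.
sample=$(mktemp)
printf '%s\n' '#PubkeyAuthentication yes' 'PasswordAuthentication yes' \
    'ChallengeResponseAuthentication no' 'PasswordAuthentication no' >"$sample"
audit_sshd_config "$sample" || echo "password logins are still enabled"
rm -f "$sample"
```

On a live host, run "sshd -t" to check the edited file for syntax errors before restarting, and keep the current session open until a key-based login succeeds in a second terminal.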