Wednesday, 24 November 2021

Set Up SSH Keys

How To Set Up SSH Keys:
1) Creating the Key Pair
[root@centos8 ~]# ssh-keygen -t ed25519

Note: if you are on an older system that does not support creating ed25519 key pairs, or the server you’re connecting to does not support them, you should create a strong rsa keypair instead:
[root@centos8 ~]# ssh-keygen -t rsa -b 4096






















This changes the -t “type” flag to rsa, and adds the -b 4096 “bits” flag to create a 4096 bit key. SSH keys are 2048 bits by default, 4096 bits for a more hardened key.
 ~/.ssh/id_rsa: The private key. DO NOT SHARE THIS FILE!
~/.ssh/id_rsa.pub: The associated public key. This can be shared freely without consequence.
2) Copying the Public Key to Your Server
[root@centos8 ~]# ssh-copy-id root@192.168.1.2

In target server, vi /root/.ssh/authorized_keys

Using PuTTYgen on Windows to generate SSH key pairs:








































Save the public key into target server authorized_keys
eg. [root@centos7 ~]# vim /root/.ssh/authorized_keys



In Solar-Putty:






























Allow root ssh login with public key authentication only:





SSH Keys for Users
1) Login as user
2) Change to user home directory, eg. /home/William
3) Create .ssh > create authorized_keys inside .ssh > update public key
[william@centos7 ~]$ mkdir .ssh; chmod 700 .ssh; cd .ssh; touch authorized_keys; chmod 600 authorized_keys; vim authorized_keys

4) [root@centos7 william]# vim /etc/sudoers
william ALL=NOPASSWD: ALL
 
In Putty: