Revision 3 as of 2016-11-21 13:26:23

Clear message

SSH Key-Based Authentification

An SSH server can authenticate clients using a variety of different methods. The most basic of these is password authentication, which is easy to use, but not the most secure.

SSH keys prove to be a reliable and secure alternative. To use this alternative you need a key pair with a public and a private key. You can generate a key pair with the command ssh-keygen: 

pmuster@chinaski:~$ 
pmuster@chinaski:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/pmuster/.ssh/id_rsa): 
Created directory '/home/pmuster/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/pmuster/.ssh/id_rsa.
Your public key has been saved in /home/pmuster/.ssh/id_rsa.pub.
The key fingerprint is:
d0:f5:bc:f8:16:da:5a:e3:5e:e5:ef:18:00:55:69:c8 pmuster@chinaski
The key's randomart image is:
+---[RSA 2048]----+
|          ...o.. |
|       . . +E o  |
|      . . . o.   |
|       .   o .   |
|        S . +   .|
|           + o o |
|          . * o .|
|           = o o.|
|          ..o ..o|
+-----------------+
pmuster@chinaski:~$

The public key must be uploaded to the remote server that you want to be able to log into with SSH. The key is added to a special file within the user account you will be logging into called ~/.ssh/authorized_keys. In our managed client linux environment with your shared home directory you can do this with: 

> pmuster@chinaski:~$ cat .ssh/id_rsa.pub >> .ssh/authorized_keys

Now you are able to perform a ssh keybased login from client to client.