How to Set up SSH Keys in Ubuntu

Source: Internet
Author: User
Tags ssh ssh server virtual private server ssh config ssh config file
Http://superuser.com/questions/232362/how-to-convert-ppk-key-to-openssh-key-under-linux
Linux:sudo apt-get Install putty-tools OS x:brew Install putty

Puttygen Id_dsa.ppk-o Private-openssh-o ID_DSA
method One: http://www.ubuntulinuxhelp.com/how-to-ssh-on-ubuntu-a-simple-guide/

The SSH Client

The SSH Client is the piece of software, which has the on the computer you be sitting in front of and typing on. It sends messages to the SSH server which are on the remote computer (such as the webserver). We'll assume that there was already a valid SSH server up and running so you're trying to connect to.

In Ubuntu, there was a SSH client installed as standard and it was called Open SSH.

To use it, you simply open a terminal and proceed any command with "ssh".

For example, if you would like to log in to your remote server, just use the command ...

SSH username@mysite.myserver.org

However, as this was a blog that likes to keep things simple (and annoy a lot of the die-hard Linux geeks), I ' m going to Su Ggest a different tool ... PuTTY.

PuTTY is a client program for SSH (among other things) and gives a neat little interface for making SSH connections. It is also in my opinion one of the best pieces of software ever written. It has been around for ever and can also is used on Windows without installation (just runs as a. exe). Learn this little guy and you'll never look for another SSH client.

Install PuTTY by typing the following into a terminal ...

sudo apt-get install putty

You'll then find the PuTTY program among your and other Internet applications.

Able to enter the IP address or name of the remote computer your wish to contact and CLI CK Connect. You'll then being asked for password etc. If you is going to is using SSH regular, you can save this connection as a profile which makes things easier).
Method Two: SSHOriginal address: Https://www.digitalocean.com/community/articles/how-to-set-up-ssh-keys--2 How to Set up SSH KeysTweet inShare About SSH KeysSSH Keys provide a more secure a-logging to a virtual private server with SSH than using a password alone. While a password can eventually is cracked with a brute force attack, SSH Keys is nearly impossible to decipher by brute Force alone. Generating a key pair provides you with the long string of characters:a public and a private key. You can place the public key on any server, and then unlock it from connecting to it with a client that already have the Priv Ate key. When the ' match up ', the system unlocks without the need for a password. You can increase security even to protecting the private key with a passphrase.

Step one-create The RSA Key PairThe first step is to create the key pair on the client machine (there are a good chance that this would just be your compute R):

SSH-KEYGEN-T RSA

Step Two-store The Keys and PassphraseOnce you has entered the Gen Key command, you'll get a few more questions:
Enter file in which to save the key (/DEMO/.SSH/ID_RSA):

You can press ENTER here, saving the "file to the" User home (in this case, my example user is called demo).
Enter passphrase (empty for no passphrase):

It's up to the whether you want the use a passphrase.

Entering a passphrase does has its benefits:the security of a key, no matter what encrypted, still depends on the fact th At it isn't visible to anyone else. Should a passphrase-protected private key fall into an unauthorized users possession, they would be unable to log on to its Associated accounts until they figure out the passphrase, buying the hacked user some extra time. The only downside, for course, to have a passphrase, is then have to type it in each time you use the Key Pair.

The entire key generation process looks like this:
ssh-keygen-t RSA
generating public/private RSA key pair.
Enter file in which to save the key (/DEMO/.SSH/ID_RSA): 
Enter passphrase (empty for no passphrase): 
enter same PA Ssphrase again: 
Your identification has been saved In/demo/.ssh/id_rsa.
Your public key has been saved in/demo/.ssh/id_rsa.pub.
The key fingerprint is:
4a:dd:0a:c6:35:4e:3f:ed:27:38:8c:74:44:4d:93:67 demo@a, the
key ' s randomart image is:
+--[RSA 2048]----+
|          . oo.   |
|         .  O.E  |
|        + .  o   |
|     . = =.     |
|      = S =.    |
|     O + = +     |
|      . O + O.  |
|           . o   |
|                 |
+-----------------+

The public key was now located in/demo/.ssh/id_rsa.pub

The private key (identification) is now located in/demo/.ssh/id_rsa

Step three-copy the public KeyOnce The key pair is generated, it's time to place the public key on the virtual server so we want to use.

You can copy the public key to the new machine's Authorized_keys file with the Ssh-copy-id command. Make sure to replace the example username and IP address below.
Ssh-copy-id user@123.45.56.78

Alternatively, you can paste in the keys using SSH:
Cat. Ssh/id_rsa.pub | SSH user@123.45.56.78 "Cat >> ~/.ssh/authorized_keys"

No matter which command you chose, you should see something like:
The authenticity of host ' 12.34.56.78 (12.34.56.78) ' can ' t be established.
RSA key fingerprint is b1:2d:33:67:ce:35:4d:5f:f3:a8:cd:c0:c4:48:86:12.
Is you sure want to continue connecting (yes/no)? Yes
warning:permanently added ' 12.34.56.78 ' (RSA) to the list of known hosts.
user@12.34.56.78 ' s password: Now 
try logging to the machine, with "ssh ' user@12.34.56.78 '", and check in:

  ~/.ssh /authorized_keys to make

sure we haven ' t added extra keys and you weren ' t expecting.

Now you can go ahead and logs into user@12.34.56.78 and you'll not be prompted for a password. However, if you set a passphrase, you'll be asked to enter the passphrase at that time (and whenever else you log in The future).

Optional Step four-disable the Password for Root LoginOnce you has copied your SSH keys unto your server and ensured that's can log in with the SSH keys alone, you can go Ahead and restrict the root login to is permitted via SSH keys.

In order to does this, open up the SSH config file:
sudo nano/etc/ssh/sshd_config

Within that file, find the line that includes permitrootlogin and modify it to ensure that users can only connect with T Heir SSH Key:
Permitrootlogin Without-password

Put the changes into effect:
Reload SSH

Digital Ocean AddendumThe Digital Ocean control allows the add public keys to your new droplets when they ' re created. You can generate the SSH key in a convenient location, such as the computer, and then upload the public key to the SSH key Section.

Then, if you create a new VPS, you can choose to include this public key on the server. No root password would be emailed-to-you and your can log in to your new virtual private server from your chosen client. If you created a passphrase, you'll be prompted to enter that upon login.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.