SSH keybased authentication in Linux

Or,
Linux passwordless authentication

Server Details:
Server IP: 192.168.100.10
Hostname: server1.galaxycloud.in
ssh config: /etc/ssh/sshd_config

Client Details:
Client IP: 192.168.100.11
Hostname: server2.galaxycloud.in
YUM Config File Location: /etc/ssh/sshd_config

Server 1 (Client) – The Machine You Want to Use to Access Server 2
Generate SSH Key Pair: On your client machine (Server 1), generate an SSH keypair, When prompted, save the key in the default location (~/.ssh/id_rsa).

ssh-keygen -t rsa -b 4096

Copy the Public Key to Server 2, Use ssh-copy-id to copy the public key to Server 2

ssh-copy-id user@server2_ip

Replace user with your username on Server 2.
Replace server2_ip with the IP address or hostname of Server 2.

Server 2 (Remote Server) The Machine You Want to Access
Set Proper Permissions: On Server 2, ensure the .ssh directory and authorized_keys file have the correct permissions:

chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

Verify SSH Configuration: Ensure that PasswordAuthentication is disabled and PubkeyAuthentication is enabled in the SSH configuration file:

sudo vim /etc/ssh/sshd_config
#Make sure the following lines are set

PubkeyAuthentication yes
PasswordAuthentication no

Restart the SSH service to apply changes
sudo systemctl restart sshd

Testing Key-Based Authentication

ssh user@server2_ip

Now successfully, access server2 using ssh key

Learn how to convert a private key to PEM format and the best method to securely access a Linux server using a PEM file
The id_rsa.pem file is now your PEM file, which can be used for SSH access.
Once the key file is generated, you can copy the PEM file anywhere and use it to access the server.

ssh-keygen -p -m PEM -f ~/.ssh/id_rsa

openssl rsa -in ~/.ssh/id_rsa -outform PEM -out ~/.ssh/server2.pem


SSH Using PEM File from the Client
ssh -i ~/.ssh/server2.pem user@server2_ip

Leave a Reply

Your email address will not be published. Required fields are marked *