SSH keybased authentication in Linux
Or,
Linux passwordless authentication
Server Details:
Server IP: 192.168.100.10
Hostname: server1.galaxycloud.in
ssh config: /etc/ssh/sshd_config
Client Details:
Client IP: 192.168.100.11
Hostname: server2.galaxycloud.in
YUM Config File Location: /etc/ssh/sshd_config
Server 1 (Client) – The Machine You Want to Use to Access Server 2
Generate SSH Key Pair: On your client machine (Server 1), generate an SSH keypair, When prompted, save the key in the default location (~/.ssh/id_rsa).ssh-keygen -t rsa -b 4096
Copy the Public Key to Server 2, Use ssh-copy-id to copy the public key to Server 2ssh-copy-id user@server2_ip
Replace user with your username on Server 2.
Replace server2_ip with the IP address or hostname of Server 2.
Server 2 (Remote Server) The Machine You Want to Access
Set Proper Permissions: On Server 2, ensure the .ssh directory and authorized_keys file have the correct permissions:
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
Verify SSH Configuration: Ensure that PasswordAuthentication is disabled and PubkeyAuthentication is enabled in the SSH configuration file:sudo vim /etc/ssh/sshd_config
#Make sure the following lines are set
PubkeyAuthentication yes
PasswordAuthentication no
Restart the SSH service to apply changessudo systemctl restart sshd
Testing Key-Based Authenticationssh user@server2_ip
Now successfully, access server2 using ssh key
Learn how to convert a private key to PEM format and the best method to securely access a Linux server using a PEM file
The id_rsa.pem file is now your PEM file, which can be used for SSH access.
Once the key file is generated, you can copy the PEM file anywhere and use it to access the server.
ssh-keygen -p -m PEM -f ~/.ssh/id_rsa
openssl rsa -in ~/.ssh/id_rsa -outform PEM -out ~/.ssh/server2.pem
SSH Using PEM File from the Clientssh -i ~/.ssh/server2.pem user@server2_ip