[Linux setting series] How to set public key authentication / ssh-keygen / ssh key / authorized_keys

[Linux setting series] How to set public key authentication / ssh-keygen / ssh key / authorized_keys

Introduction

--The side of the personal setting memo is strong. --`ssh Connection destination server name Appropriately set to enable ssh connection with public key authentication

Working on the main PC

Creating a key pair

cd ~/.ssh
ssh-keygen -t rsa -b 4096 -C "comment"


Generating public/private rsa key pair.
Enter file in which to save the key (/Users/USERNAME/.ssh/id_rsa):The name of the key file

By executing this command, the following files will be created. (Example: When the name of the key file is gcp_key)

--gcp_key (private key) --gcp_key.pub (Public key. By inserting this into the connection destination server, you can use ssh login using the private key)

--Caution: When you put the server in the connection destination server from the GUI of google cloud platform, it seems that you decide which user to put the public key in based on the value of " comment ". --Example: If the comment " test_user " is set, the public key will be set for the user: test_user of the connection destination server (GCP VM).

$ ls
config		gcp_key		gcp_key.pub	known_hosts

Config file settings

vi ~/.ssh/config

~/.ssh/config


Host Name of the server to connect to
HostName IP address of the server to connect to
User Username of the server to connect to
        IdentityFile ~/.ssh/gcp_key ← The Key created earlier (the private key)

Settings on the connection destination server

Installation of public key

--Log in as the user who wants to log in using public key authentication. --Paste the contents of gcp_key.pub created on the main PC into ~ / .ssh / authorized_keys.

python


vi ~/.ssh/authorized_keys

~/.ssh/authorized_keys


#Appropriately easy-to-understand comments
ssh-rsa AAAAB3Nza ~ Omitted ~ C1y8oSKIN3w== utadroid

Option: Disables login using a password.

--Setting to turn off password authentication so that you can only log in with public key authentication

vi /etc/ssh/sshd_config

/etc/ssh/sshd_config



#PasswordAuthentication yes ← Because I wrote this at first
PasswordAuthentication no ← Change like this

To reflect the settings, restart the ssh daemon with the following command.

sudo systemctl start sshd.service

Reference: When registering a public key in a VM created with Google Cloud Platform

If you register the public key on the page of Compute Engine-> meta data-> ssh authentication key, All the VMs you create have a public key setting.

Recommended Posts

[Linux setting series] How to set public key authentication / ssh-keygen / ssh key / authorized_keys
How to set up public key authentication in ssh
[Amazon Linux 2] Change from public key authentication to password authentication
How to generate a public key from an SSH private key
Set public key authentication when connecting with SSH in Teraterm
SSH public key authentication was set for Sakura VPS Cent OS 7.7
Ssh login with public key authentication quickly
[SSH] About public key authentication and EC2
[Ansible] How to use SSH password authentication when executing ansible
Stop SSH password authentication and switch to key authentication completely
How to set up Ubuntu for Windows Subsystem for Linux 2 (WSL2)
Use ssh with private key public key authentication. Connect from wan.
Ubuntu (18.04.3) SSH edition Key authentication
Ssh connection using public key
Log in to Raspberry PI with ssh without password (key authentication)
How to set up and use OMC Log Analytics --Linux version -