CentOS7 SSH connection

What is SSH?

SSH (Secure SHell) is an application-layer protocol used to encrypt communication with, and remotely control, networked devices. Communication takes place between the SSH daemon on the server side and the SSH client on the client side. SSH comes in two versions, SSH version 1 and SSH version 2. SSH version 2 is said to be more secure in its encryption, and it seems to be the mainstream. This article describes a simple remote connection method using SSH version 2 and RSA public key cryptography.

What is public key cryptography?

Authentication uses a matched pair of keys. The "public key" is set up on the server side, and you log in with the "private key" on the client side. If public key A is installed on the server, its counterpart, private key A, is required to log in. A different private key B cannot log in against public key A on the server. To log in with private key B, its counterpart, public key B, must be installed on the server.

Creating a key

Make a key on the client side. Work in the user's home directory.

mkdir .ssh
chmod 700 .ssh 
cd .ssh

Create a key with the ssh-keygen command.

ssh-keygen -t rsa -b 4096 -C "[email protected]" 

-t rsa: RSA public key cryptography for SSH2
-b: Number of bytes. 2048 bytes if not specified
-C: Comment

The key can also be created without options.

$ ssh-keygen (Created without options)
Generating public/private rsa key pair.
Enter file in which to save the key (/home/guest1/.ssh/id_rsa):⇦ Press Enter (key storage location)
Enter passphrase (empty for no passphrase):⇦ Press Enter(Passphrase setting)
Enter same passphrase again:⇦ Press Enter(Confirm passphrase)
Your identification has been saved in /home/guest1/.ssh/id_rsa.
Your public key has been saved in /home/guest1/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:TZ6gO14OKhQW3pjmf7IbZzZ83PPwXbkRG+cwnnKJK/k guest1@Cliant
The key's randomart image is:
+---[RSA 2048]----+
|                 |
|  .              |
| . =    . .      |
|  B .  . = .     |
| + .  . S +   oo.|
|  o  . o .   o **|
| . .. X + +.o =+o|
|  . oB.B  o= = .o|
|   .+=. .  oE .. |
+----[SHA256]-----+

You now have id_rsa (private key) and id_rsa.pub (public key). Change the permissions of the private key.

chmod 600 id_rsa

Install public key on server

Now work in the home directory on the server side.

mkdir .ssh
chmod 700 .ssh
cd .ssh
vi authorized_keys

Copy and paste the contents of id_rsa.pub (public key) created on the client side to authorized_keys.

chmod 600 authorized_keys

Change the permissions of authorized_keys.

Connecting

ssh username@hostname (or username@IP address)

Note that you can only connect if .ssh and authorized_keys have the proper permissions. Detailed server settings are in /etc/ssh/sshd_config.
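The permission requirement above can be checked with a short script. This is an added example, not part of the original article: the function names mode_of, expect_mode and check_ssh_perms are made up here, and it checks only the modes this page sets with chmod (700 for .ssh, 600 for authorized_keys and the private key).

```shell
#!/bin/sh
# Added example: audit the permissions this page sets with chmod.
# Usage (after sourcing this file): check_ssh_perms "$HOME/.ssh"
# Run it on the client (private key) and on the server (authorized_keys).

# Print the octal mode of a path (GNU stat on CentOS, BSD stat as fallback).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# expect_mode PATH WANT: report whether an existing PATH has mode WANT.
# A path that does not exist is skipped (returns 0).
expect_mode() {
    [ -e "$1" ] || return 0
    got=$(mode_of "$1")
    if [ "$got" != "$2" ]; then
        echo "BAD  $1 has mode $got, expected $2"
        return 1
    fi
    echo "OK   $1 has mode $got"
}

# check_ssh_perms DIR: return the number of problems found (0 = all good).
check_ssh_perms() {
    dir=$1
    problems=0
    if [ ! -d "$dir" ]; then
        echo "MISSING $dir"
        return 1
    fi
    expect_mode "$dir" 700 || problems=$((problems + 1))
    expect_mode "$dir/authorized_keys" 600 || problems=$((problems + 1))
    # Treat every file with a matching .pub beside it as a private key.
    for pub in "$dir"/*.pub; do
        [ -e "$pub" ] || continue
        expect_mode "${pub%.pub}" 600 || problems=$((problems + 1))
    done
    return "$problems"
}
```
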
