Thursday, 29 December 2016

SSH with Passwords - And there's more

Following on from my earlier post: -



this is my first walk-through of the setup required to enable password-less authentication on Red Hat Enterprise Linux, using my own public/private key pair

Update my public key to the target server - on my Mac client

scp ~/.ssh/id_rsa.pub root@rhel66:~

root@rhel66's password: 
id_rsa.pub 100%  417     1.3MB/s   00:00    

Add the public key to the list of authorised keys for the target user - root - on the target server

cat id_rsa.pub >> ~/.ssh/authorized_keys

Update the SSHD Configuration to support passwordless authentication - on the target server

vi /etc/ssh/sshd_config 

appending: -

HostKey /etc/ssh/ssh_host_rsa_key
PermitRootLogin without-password
PubkeyAuthentication yes
PasswordAuthentication no
RSAAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

Restart SSHD - on the target server

service sshd restart

Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]

Access server using my private key - on my Mac client

ssh -i ~/.ssh/id_rsa root@rhel66

Enter passphrase for key '/Users/davidhay/.ssh/id_rsa': 
Last login: Thu Dec 29 16:26:43 2016 from 192.168.153.1


Note that, although I didn't present a password for the target root user, I *did* enter a passphrase for my personal key - security is important

Validate - on the target server

uname -a

Linux rhel66.uk.ibm.com 2.6.32-642.11.1.el6.x86_64 #1 SMP Wed Oct 26 10:25:23 EDT 2016 x86_64 x86_64 x86_64 GNU/Linux

cat /etc/redhat-release 

Red Hat Enterprise Linux Server release 6.8 (Santiago)

whoami 

root

With thanks to this: -


for some all-important inspiration.

No comments: