Linux Stuff: How to setup SSH certificates to simplify logins to remote systems

SSH and Server Certificates

If you haven’t done this yet, we’re going to make life easy and get the SSH Certificates setup to make it super easy to SSH from our Linux Desktop.

 

You’ll want to make sure to install SSH Server and client on both the machines you’re planning on configuring. Most of the time this is done already.

Debian Based machines:

apt-get install ssh openssh-server openssh-client

 

Red Hat Based machines:

yum install ssh openssh-server openssh-client

 

When that’s done test out connecting from your local machine to your remote host using:

ssh steve@208.28.163.39
The authenticity of host '208.28.163.39 (208.28.163.39)' can't be established.
RSA key fingerprint is 69:23:4c:49:35:41:ca:ae:23:3f:69:63:b2:ba:12:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '208.28.163.39' (RSA) to the list of known hosts.
user03@208.28.163.39's password:
user03 @ newstudent ~ :) ᛤ>   pwd
/home/user03
user03 @ newstudent ~ :) ᛤ>   exit
logout
Connection to 208.28.163.39 closed.
steve @ mintdebianvm ~ :) ᛤ>

Now we can setup SSH keys on this system so that you can easily log in from your main Linux Desktop machine.

 

So go to your home directory on your local machine (NOT THE REMOTE SYSTEM!) and your navigate to your home folder. From here CD into your .ssh directory and we’ll create your SSH Certificates. If your “.ssh” directory doesn’t exist, just make one! Same goes for your REMOTE system too! Make sure that exists or this won’t work!

cd ~/.ssh/
ssh-keygen -t rsa -b 2048
{save as default file, press enter}        
{enter your own password and hit enter}     <-- this can be blank
{confirm your password}                     <-- this can be blank

 

Once this is done we’ll setup your host with keys to stay authenticated

cat ~/.ssh/id_rsa.pub | ssh user03@208.28.163.39 "cat - >> ~/.ssh/authorized_keys"

 

Now edit your LOCAL “.ssh/config” file and add in your new server. If you don’t have one, again, just create one!

Host 208              <-- make that whatever you want. Keep it simple and easy to remember!
HostName 208.28.163.39      <-- IP of remote host
User user03                 <-- Your username on the remote machine.

 

And now you can test your new ssh keys by doing this:

ssh 208

 

You may need to adjust your permissions properly. To do so, simply run this command on your local system:

chmod 700 ~/.ssh && chmod 600 ~/.ssh/*

 

And this command on your remote system that you’re trying to connect to:

chmod 600 ~/.ssh/authorized_keys && chmod 700 ~/.ssh/

 

Now you should be able to just log in without a password to any Remote system you set this up on!! 🙂

ssh 208

 

Enjoy!

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)