Contents
SSH connection with authentication using RSA public key cryptography
Create public and private key pairs
Create a public/private key pair for a user connecting to a Linux server using OpenSSH.
Use ssh-keygen to create the key pair.
This time, we will create a key set using the RSA cipher used in the SSH protocol Version 2.
Creation of public/private key pairs is performed with remote login user privileges (huong).
If you do not specify the destination and file name, id_rsa and id_rsa.pub will be created in /home/huong/.ssh/. On the way, enter the password for the key.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 |
# su - huong [huong@Lepard~]$ /usr/bin/ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/huong/.ssh/id_rsa): [Enter] Created directory '/home/huong/.ssh'. Enter passphrase (empty for no passphrase): [Password] Enter same passphrase again: [again Password] Your identification has been saved in /home/huong/.ssh/id_rsa. Your public key has been saved in /home/huong/.ssh/id_rsa.pub. The key fingerprint is: SHA256:/s3sLJJXH+7Ul01UDQplwwd/PkzQ6fqn7OmEWCen/6g huong@Lepard The key's randomart image is: +---[RSA 2048]----+ | .o=oo.+| | o.+ooo| | ..o.o| | o= | | S o +oo| | . o.B.o+| | ....oo+o+| | o.o= =o+o| | o.oE=Xoo| +----[SHA256]-----+ |
1 2 |
$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys $ chmod 600 ~/.ssh/authorized_keys |
Using Winscp or similar, save the private key (~/.ssh/id_rsa) in an appropriate location on Windows.
Start Winscp and click [New Session].
![](https://korodes.com/wp-content/uploads/2022/12/737c880cf38e19da38e4ca18910e808b.jpg)
Host name : Server IP Address
Port number : SSH Port
User name : Server Login User
Password : Password for the same user
「Save」
![](https://korodes.com/wp-content/uploads/2022/05/f255feed548a8a69e94c283249a4c314.png)
Site name : Any name
「OK」click
![](https://korodes.com/wp-content/uploads/2022/12/095d894526d9a213f66932e161d8af60.jpg)
After confirming the server, click "Login".
![](https://korodes.com/wp-content/uploads/2022/12/7437cad40dc754312ab0553770234130.jpg)
Click "Update" when the following screen appears
![](https://korodes.com/wp-content/uploads/2022/12/2e00fae780c6e2620275e400efcbf03c.jpg)
Password of the logged-in user in the Password field
![](https://korodes.com/wp-content/uploads/2022/12/b54c0a7b8bf483337b3721315071a86a.jpg)
When connected, the right column is the server side and the left column is the PC (Windows) side.
Drag and drop "id.rsa" under /home/huong/.ssh on the server side to the left column Windows and save it.
![](https://korodes.com/wp-content/uploads/2023/02/bcf9019e979c4190b3f16d31788a3980.png)
Edit SSH configuration file
Edit the SSH configuration file to disable password authentication.
This time, use su - to become root instead of a normal user.
1 2 3 4 5 6 |
$ su - Password: # vi /etc/ssh/sshd_config # Line 66 : Changed to no password authentication PasswordAuthentication no # systemctl restart sshd |
How to connect with Tera Term
Start Tera Term, and select "File" menu "New connection"
![](https://korodes.com/wp-content/uploads/2022/05/a665f699dd994b53fffe9d6f0ef40826.png)
Host : Server IP Address
TCP port : SSH Port
![](https://korodes.com/wp-content/uploads/2022/05/c1251b0fdd1def8a04f053e625d7a4e8.png)
If you get the following security warning "Replace…". and click "Continue".
![](https://korodes.com/wp-content/uploads/2022/05/2515e05dc3f751841e52139cdc53c3ec.png)
User name : Login User Name
Password :Password specified in the creation of a public/private key pair
Check the "Use RSA/DSA…." checkbox. and in the "Private key file" field, specify the "id_rsa" that you just saved in windows.
![](https://korodes.com/wp-content/uploads/2022/05/560eab40d940a29d3b42587e6699d595.png)
Creating a private key using PuTTYgen
Start Winscp and launch Run Puttygen from "Tools".
Select the appropriate server
Click Load
![](https://korodes.com/wp-content/uploads/2022/05/6b939ae51b37143f8e081e227bc17233.png)
The [ Open File Dialog ] will open, change the file type to [ All Files (*. *)] and load the private key id_rsa transferred from the Linux server.
The password is the password set in "Creating a public and private key pair" above
Click on "Sve private key"
![](https://korodes.com/wp-content/uploads/2022/05/60dda6a69c9cdaa70a35c1d5b0f19aec.png)
Save the private key file to windows, file name is "id_rsa.ppk"
Select the appropriate server and click "Edit"
Click on "Advanced"
Select "Authentication" and specify the "id_rsa.ppk" file saved by windows in the "Private key file" field.
![](https://korodes.com/wp-content/uploads/2022/05/36497757c7297ff5f47021f59d4e273f.png)
Click "Save"
Click on "Login"
![](https://korodes.com/wp-content/uploads/2022/05/2b1ddb882ae31ad5b4ad29f2e3ba436a.png)
The password is the password set in "Creating a public and private key pair" above
![](https://korodes.com/wp-content/uploads/2022/05/e11b1bd8a4e89d286eb0564422f2841e.png)
When connecting with Tera Term, use the following
Use RSA/DSA/ECDSA/…" Specify "id_rsa.ppk" saved in windows in the "Use RSA/DSA/ECDSA/…" field.