Contents
1.Creation of public and private key pairs
Create a public/private key pair for a user connecting to a Linux server using OpenSSH.
Use ssh-keygen to create the key pair.
The creation of a public/private key pair is performed with the authority of the user logging in remotely.
If you do not specify the creation destination and file name, id_ed25519 and id_ed25519.pub will be created in /home/(user name)/.ssh/. On the way, also enter the password for the key.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
# su - huong [huong@Lepard~]$ ssh-keygen -t ed25519 Generating public/private ed25519 key pair. Enter file in which to save the key (/home/huong/.ssh/id_ed25519): [Enter] Created directory '/home/huong/.ssh'. Enter passphrase (empty for no passphrase): [Password] Enter same passphrase again: [Again Password] Your identification has been saved in /home/huong/.ssh/id_ed25519 Your public key has been saved in /home/huong/.ssh/id_ed25519.pub The key fingerprint is: SHA256:caoCOTvdXeazCAthGIYGNHLppvbtC9Ot7MfTN8cAB08 huong@Lepard The key's randomart image is: +--[ED25519 256]--+ |+o.. | |ooo . E | |.oo . = | |..o+ = o | | o= o S = | |.. *.o.o + . | |. +o=.=.o o o | | o++.* o = o | | o*+ o o o | +----[SHA256]-----+ |
1 2 3 |
$ cat ~/.ssh/id_ed25519.pub >> ~/.ssh/authorized_keys $ chmod 600 ~/.ssh/authorized_keys $ chmod 700 ~/.ssh/ |
Save the created private key id_ed25519 to an appropriate location on windows using winSCP.
Start Winscp and click "New Session"
![](https://korodes.com/wp-content/uploads/2022/12/737c880cf38e19da38e4ca18910e808b.jpg)
Host name : Server IP Address
Port number : SSH port number
User name : General username
Password : General username Password
「Save」
![](https://korodes.com/wp-content/uploads/2022/05/f255feed548a8a69e94c283249a4c314.png)
Site name : Any connection name
Click "OK"
![](https://korodes.com/wp-content/uploads/2022/12/095d894526d9a213f66932e161d8af60.jpg)
After confirming the server, click "Login".
![](https://korodes.com/wp-content/uploads/2022/12/7437cad40dc754312ab0553770234130.jpg)
Click "Update" when the following screen appears
![](https://korodes.com/wp-content/uploads/2022/12/2e00fae780c6e2620275e400efcbf03c.jpg)
In the following screen, enter the user's password in the "Pasword" field.
![](https://korodes.com/wp-content/uploads/2022/12/b54c0a7b8bf483337b3721315071a86a.jpg)
When connected, the right column is the server side and the left column is the PC (Windows) side.
Save the file "id_ed25519" in the .ssh directory to an appropriate location on Windows in the left column.
![](https://korodes.com/wp-content/uploads/2022/12/619dbc54004c69cdf80609f65223b403.jpg)
2.Editing SSH Configuration File
Edit the SSH configuration file to disable password authentication.
1 2 3 4 5 |
# vi /etc/ssh/sshd_config # Line 66 : Uncommented and changed to password authentication disabled. PasswordAuthentication no # systemctl restart sshd |
How to connect with Tera Term
Start Tera Term, and select "File" menu "New connection"
![](https://korodes.com/wp-content/uploads/2022/12/69db351a2f2c92e4701f73d55fa1b300.jpg)
Host : Server IP Address
TCP port : SSH Port
![](https://korodes.com/wp-content/uploads/2022/09/cbe504a8558fe1d751d7a493a163df52.png)
If you get the following security warning "Replace…. and click "Continue".
![](https://korodes.com/wp-content/uploads/2022/12/b79c07d75e313d1c1d72f47f0a1e96c8.jpg)
User name : Login User Name
Password :Password specified in the creation of a public/private key pair
Under "Use RSA/DSA/ECDSA/ED25519 key to log in", set "Private key file:" to "id_ed25519" that you just saved in Windows.
Set "id_ed25519" that you just saved in Windows to "Private key file:" and click "OK".
![](https://korodes.com/wp-content/uploads/2022/11/276eb927bdf1a8bc29fdda12410c485d.jpg)
3.Creating a private key using PuTTYgen
Start Winscp, select the appropriate server, and launch Run PuTTYgen from Tools.
Select the appropriate server
Click "Load"
![](https://korodes.com/wp-content/uploads/2022/11/116a0f5ebc2b534bbc2bed990bd9b5bb.jpg)
[ Open File Dialog ], change the file type to [ All Files (. Change the file type to [ All Files (. *) ] and load the private key id_ed25519 transferred from the Linux server.
![](https://korodes.com/wp-content/uploads/2022/11/a3eb469810c4d6082cb188dcd8c6895f.jpg)
Enter the passphrase you entered when you created the private key on the server side
![](https://korodes.com/wp-content/uploads/2022/11/4b85647b2c0edde1d52aa38c1308ace9.jpg)
![](https://korodes.com/wp-content/uploads/2022/11/21b465931244151e5d4cc6c39aab389b.jpg)
Click the [ Save private key ] button to save the private key.
![](https://korodes.com/wp-content/uploads/2022/11/da15cd28160fb6c2097295de74f23418.jpg)
Here we save it as id_ed25519.ppk (in Windows).
![](https://korodes.com/wp-content/uploads/2022/11/ede6c2e07fee50073367cce59aff0d6d.jpg)
Select the appropriate server and click "Edit"
![](https://korodes.com/wp-content/uploads/2022/11/a1d71ba21e2d1fab2a461419e2725242.jpg)
Click on "Advanced"
![](https://korodes.com/wp-content/uploads/2022/11/c9dce692932a772488ad24abeb0426cc.jpg)
Open the "Authentication" menu and specify "id_ed25519.ppk" saved in Windows for "Private key file"
![](https://korodes.com/wp-content/uploads/2022/11/b243a3f21421d40287be72402061e4d7.jpg)
Click "Save"
![](https://korodes.com/wp-content/uploads/2022/11/b7a3029199cf31df0a9541e3523a7bb7.jpg)
Click on "Login"
![](https://korodes.com/wp-content/uploads/2022/11/98944ac66c50bb74fda4f33b465d7c38.jpg)
The password is the password set in "Creating a public and private key pair" above
![](https://korodes.com/wp-content/uploads/2022/11/7911a5cf3bfdc4ebd7d5f305e4e1e238.jpg)
When connecting with Tera Term
In the "Use RSA/DSA/ECDSA/…" field.
Specify "id_ed25519.ppk" saved in window