Contents
Remote connection with SSH public key cryptography
Creation of public and private key pairs
Create a public/private key pair for a user connecting to a Linux server using OpenSSH.
Use ssh-keygen to create the key pair.
The creation of a public/private key pair is performed with the authority of the user logging in remotely.
If you do not specify the creation destination and file name, id_ed25519 and id_ed25519.pub will be created in /home/(user name)/.ssh/. On the way, also enter the password for the key.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 |
# su - huong [huong@Lepard~]$ ssh-keygen -t ed25519 Generating public/private ed25519 key pair. Enter file in which to save the key (/home/huong/.ssh/id_ed25519): Created directory '/home/huong/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/huong/.ssh/id_ed25519 Your public key has been saved in /home/huong/.ssh/id_ed25519.pub The key fingerprint is: SHA256:g0vsIkL8LcOzX0JDFacYiIztXtCD+waLWkgPiBJTJT8 huong@Lepard The key's randomart image is: +--[ED25519 256]--+ |oo++o. o.. | |+o++o + o | |o+ oE+ . | |=o+ oo . | |o*o= o+ S | |+ *.=o.. . | |o..B.oo. | |.. .=.o | | ... | +----[SHA256]-----+ |
1 2 3 |
$ cat ~/.ssh/id_ed25519.pub >> ~/.ssh/authorized_keys $ chmod 600 ~/.ssh/authorized_keys $ chmod 700 ~/.ssh/ |
Save the created private key id_ed25519 to an appropriate location on windows using winSCP.
Start Winscp and click "New Session"
Host name : Server IP Address
Port number : SSH port number
User name : General username
Password : General username Password
「Save」
![](https://korodes.com/wp-content/uploads/2023/10/28d7c91e55e37b6580daa5ae22d4c0cb.jpg)
Site name : Any connection name
Click "OK"
![](https://korodes.com/wp-content/uploads/2023/10/9b53ea99f4a94fce9b40b76482a6d8ad.jpg)
After confirming the server, click "Login".
![](https://korodes.com/wp-content/uploads/2023/10/7f90bf235e4df57ea9f4c2165b9516fc.jpg)
Click "Update" when the following screen appears
![](https://korodes.com/wp-content/uploads/2023/10/5a7168df0483b652c65acaac9ed13286.jpg)
In the following screen, enter the user's password in the "Pasword" field.
![](https://korodes.com/wp-content/uploads/2023/10/8aa20c02f60c1dbc6c0dd5a83737b409.jpg)
When connected, the left column is the server side and the right column is the PC (Windows) side.
Save the file "id_ed25519" in the .ssh directory to an appropriate location on Windows in the right column.
![](https://korodes.com/wp-content/uploads/2024/04/c2186a28b9bc222f65434673672d7b22.jpg)
Editing SSH Configuration File
Edit the SSH configuration file to disable password authentication.
1 2 |
$ su - Password: |
1 2 3 |
# vi /etc/ssh/sshd_config # Line 65 : Uncommented and changed to password authentication disabled. PasswordAuthentication no |
sshd service restart
1 |
# systemctl restart sshd |
How to connect with Tera Term
Start Tera Term, and select "File" menu "New connection"
![](https://korodes.com/wp-content/uploads/2023/10/48e6fd6615fad0b6d6915c6d4185cf00.jpg)
Host : Server IP Address
TCP port : SSH Port
If you get the following security warning "Replace…. and click "Continue".
![](https://korodes.com/wp-content/uploads/2023/10/bfc146f61977dd87faa537b17aae6d6b.jpg)
User name : Login User Name
Password :Password specified in the creation of a public/private key pair
Set "id_ed25519" saved in Windows to "Private key file:" in "Use RSA/DSA/ECDSA/ED25519 key to log in"
![](https://korodes.com/wp-content/uploads/2023/10/1bcd03aeb9214a703f56b9ccabae241f.jpg)
Creating a private key using PuTTYgen
Start Winscp, select the appropriate server, and launch Run PuTTYgen from Tools.
Select the appropriate server
![](https://korodes.com/wp-content/uploads/2023/10/49c8695934c777b24c0dc2a54f76a355.jpg)
Click "Load"
![](https://korodes.com/wp-content/uploads/2023/10/9d20ce6f9b4fa31eff4d23fc21f6f2c2.jpg)
[ Open File Dialog ], change the file type to [ All Files (. Change the file type to [ All Files (. *) ] and load the private key id_ed25519 transferred from the Linux server.
![](https://korodes.com/wp-content/uploads/2023/10/130d698d50f60ba13ec0df4e2ac53a15.jpg)
Enter the passphrase you entered when you created the private key on the server side
![](https://korodes.com/wp-content/uploads/2023/10/6a190bc90b8eabb43058748714034e4e.jpg)
![](https://korodes.com/wp-content/uploads/2023/10/ca0ca4524e962f4af1120cacd0c8544e.jpg)
Click the [ Save private key ] button to save the private key.
![](https://korodes.com/wp-content/uploads/2023/10/fcda61780fb190de26621a4e5e38940c.jpg)
Here we save it as id_ed25519.ppk (in Windows).
![](https://korodes.com/wp-content/uploads/2023/10/194ceaa640df36fd40220e72da4f5c8a.jpg)
Select the appropriate server and click "Edit"
![](https://korodes.com/wp-content/uploads/2023/10/0b261f50c40248eb8b2971cac14b2de8.jpg)
Click on "Advanced"
![](https://korodes.com/wp-content/uploads/2023/10/0deb533409c985aeed3c985c39830fe1.jpg)
Open the "Authentication" menu and specify "id_ed25519.ppk" saved in Windows for "Private key file"
![](https://korodes.com/wp-content/uploads/2023/10/ce4768b632feb9afabf590167e40aaff.jpg)
Click "Save"
![](https://korodes.com/wp-content/uploads/2023/10/292992894ff62b28f2d42131f084f186.jpg)
Click on "Login"
![](https://korodes.com/wp-content/uploads/2023/10/fcf564b151c4b6de29daa926cd1e11a1.jpg)
The password is the password set in "Creating a public and private key pair" above
![](https://korodes.com/wp-content/uploads/2023/10/15744f289637bf936cfad9d9396396f3.jpg)
When connecting with Tera Term
In the "Use RSA/DSA/ECDSA/…" field.
Specify "id_ed25519.ppk" saved in window
![](https://korodes.com/wp-content/uploads/2023/10/a985d924af8483e774304f4fc845112a.jpg)