Contents
Public key
1.Create a key pair with RSA
# su – <user name>
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/<user name>/.ssh/id_rsa): <Enter>
Created directory ‘/home/<user name>/.ssh’.
Enter passphrase (empty for no passphrase): ← Any password
Enter same passphrase again: ← Any password again
Your identification has been saved in /home/<user name>/.ssh/id_rsa.
Your public key has been saved in /home/<user name>/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:/C+8j0Ykpbqq80ABB/kkbwB8L76MUxmrkBvAsT6OVwg <user name>@Lepard
The key’s randomart image is:
+—[RSA 2048]—-+
|*o. |
|+=.. . |
|.*= . o |
|Eo++ . .o . |
|o+o.= .So |
|++.=. . .. |
|+oB.. . o. |
|o=o+ . +o |
| .o+o. .o+o |
+—-[SHA256]—–+
$ chmod 600 ~/.ssh/authorized_keys
2.Private Key Login Settings
password:
# vi /etc/ssh/sshd_config
●Remove the “#” at the beginning of the line per line 49
#PubkeyAuthentication yes
PubkeyAuthentication yes
# systemctl restart sshd.service
Copy the private key to the client PC (using WinSCP) Configure WinSCP settings
①Start WinSCP, set the following in “New Site”, and click “Save”.
Host name : Server IP address
Port number : SSH port number
User name : User name
Password : User password
Give the connection a name of your choice. ↓
You will return to the following screen and click “Login. ↓
When the following screen appears, click “Update. ↓
In the following screen, enter the user’s password in “Password”.
Copy the id_rsa in the /home/user/.ssh directory to the desired location on the windows side (select id_rsa, drag it to the left side and copy it).
3.Change to login only with private key
●Per line 69
Add “PasswordAuthentication no” under “#PasswordAuthentication yes”.
#PasswordAuthentication yes
PasswordAuthentication no
# systemctl restart sshd.service
3.Creating a private key using PuTTYgen
Launch Winscp and start puttygen.exe from Tools
Click Load to open the Open File dialog box, change the file type to [ All Files (*. Change the file type to [ All Files (*. *) ] and load the private key id_rsa transferred from the Linux server.
Enter the passphrase that you entered when you created your private key.
When the following message is displayed, click the [ OK ] button.
Click the [ Save private key ] button to save the private key.
In this case, save it as id_rsa.ppk (in Windows).
Connect to an SSH server using a private key
Start Winscp, specify the target server, and open “Edit”, “Advanceds”, and “Authentication” in that order.
Specify id_rsa.ppk saved in windows in the “Private Key” field.
Enter the passphrase that you entered when you created the private key on the server side.
