Skip to content
Bots!
Bots!
  • About
    • Myself
    • আমার দোয়া
  • Bookmarks
    • Bookmarks
    • My OCI Bookmarks
    • Useful Proxmox Commands & Links
    • Learning Nano
    • Useful Sites
    • Useful Virtualbox Command
    • Useful MySQL Command
    • Useful Linux Command
    • BTT-CAS
  • Resources
    • Webinar on Cloud Adoption for Project Managers
  • Photos
  • Videos
  • Downloads
Bots!

SSH Key-Pair Authentication

Rumi, September 3, 2022

Create Key-Pair by each user, so login with a common user on SSH Server Host and work like follows.

# create key-pair
debian@dlp:~$ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/debian/.ssh/id_rsa): # Enter or input changes if you want
Created directory '/home/debian/.ssh'.
Enter passphrase (empty for no passphrase): # set passphrase (if set no passphrase, Enter with empty)
Enter same passphrase again:
Your identification has been saved in /home/debian/.ssh/id_rsa
Your public key has been saved in /home/debian/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:H+lFm+3c93VekrLiFCYAwoWDUVs43s4JEze8wr8QzG8 debian@dlp.srv.world
The key's randomart image is:
.....
.....

debian@dlp:~$ll ~/.ssh

total 8
-rw------- 1 debian debian 2655 Aug 17 13:48 id_rsa
-rw-r--r-- 1 debian debian 574 Aug 17 13:48 id_rsa.pub
debian@dlp:~$mv ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys

Transfer the private key created on the Server to a Client, then it’s possible to login with Key-Pair authentication. Below is an example to connect from a linux shell.

debian@node01:~$mkdir ~/.ssh
debian@node01:~$chmod 700 ~/.ssh
# transfer the private key to the local ssh directory
debian@node01:~$scp debian@dlp.srv.world:/home/debian/.ssh/id_rsa ~/.ssh/
debian@dlp.srv.world's password:
id_rsa 100% 2655 2.0MB/s 00:00

Now login:

debian@node01:~$ssh debian@dlp.srv.world

Enter passphrase for key '/home/debian/.ssh/id_rsa': # passphrase if you set
Linux dlp.srv.world 5.10.0-8-amd64 #1 SMP Debian 5.10.46-4 (2021-08-03) x86_64
.....
.....

debian@dlp:~$  # logined

If you set [PasswordAuthentication no], it’s more secure.

root@dlp:~#vi /etc/ssh/sshd_config
# line 58 : change to [no]
PasswordAuthenticationno
root@dlp:~#systemctl restart ssh

SSH Key-Pair Authentication on Windows Client #1

This is the example to login to SSH server from Windows Client. It uses Putty on this example. Before it, Transfer a private key to Windows Client.

Run [Puttygen.exe] that is included in [Putty]. (placed in the folder [Putty.exe] is also placed). If not included, Download it from official site (www.chiark.greenend.org.uk/~sgtatham/putty/). After starting [Puttygen.exe], Click [Load] button on the following window.

Specify the private key that you transfered from SSH server, then passphrase is required like follows, answer it. (if not set passphrase, this step is skipped)

Click [Save private key] button to save it under a folder you like with any file name you like.

Start Putty and Open [Connection] – [SSH] – [Auth] on the left pane, then specify your private key on the [Private key file] field.

Back to the [Session] on the left pane and specify your SSH server host to Connect.

When SSH key-pair is set, the passphrase if it is set is required to login like follows, then answer it.

SSH Key-Pair Authentication on Windows #2

On Windows 10 Version 1803 or later, OpenSSH Client has been implemented as a Windows feature, so it’s possbile to authenticate with SSH Key-Pair without Putty and other 3rd party softwares. Transfer your private key to your Windows 10 and put it under the [(logon user home).ssh] folder like follows, then it’s ready to use Key-Pair authentication.

Src: https://www.server-world.info/en/note?os=Debian_11&p=ssh&f=4

Collected Articles PuttygenSSHSSH Authentication

Post navigation

Previous post
Next post

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Myself…

Hi, I am Hasan T. Emdad Rumi, an IT Project Manager & Consultant, Virtualization & Cloud Savvyfrom Dhaka, Bangladesh. I have prior experience in managing numerous local and international projects in the area of Telco VAS & NMC, National Data Center & PKI Naitonal Root and CA Infrastructure. Also engaged with several Offshore Software Development Team.

Worked with Orascom Telecom-Banglalink, Network Elites as VAS partner, BTRC, BTT (Turkey) , Mango Teleservices Limited and Access to Informaiton (A2I-UNDP)

Currently working at Oracle Corporation as Principal Technology Solution and Cloud Architect.

You can reach me [h.t.emdad at gmail.com] and I will be delighted to exchange my views.

Tags

Apache Bind Cacti CentOS CentOS 6 CentOS 7 Debain Debian Debian 10 Debian 11 Debian 12 DKIM Docker endian icinga iptables Jitsi LAMP Letsencrypt Linux Munin MySQL Nagios Nextcloud NFS nginx pfsense php Postfix powerdns Proxmox RDP squid SSH SSL Ubuntu Ubuntu 16 Ubuntu 18 Ubuntu 20 Varnish virtualbox vpn Webmin XCP-NG zimbra

Topics

Recent Posts

  • Install Jitsi on Ubuntu 22.04 / 22.10 April 30, 2025
  • Key Lessons in life April 26, 2025
  • Create Proxmox Backup Server (PBS) on Debian 12 April 19, 2025
  • Add Physical Drive in Proxmox VM Guest April 19, 2025
  • Mount a drive permanently with fstab in Linux April 16, 2025
  • Proxmox 1:1 NAT routing March 30, 2025
  • Installation steps of WSL – Windows Subsystem for Linux March 8, 2025
  • Enabling Nested Virtualization In Proxmox March 8, 2025
  • How to Modify/Change console/SSH login banner for Proxmox Virtual Environment (Proxmox VE / PVE) March 3, 2025
  • Install Proxmox Backup Server on Debian 12 February 12, 2025

Archives

Top Posts & Pages

  • Install Jitsi on Ubuntu 22.04 / 22.10
©2025 Bots! | WordPress Theme by SuperbThemes