57 lines
1.2 KiB
Markdown
57 lines
1.2 KiB
Markdown
|
# Public Key Authentication
|
||
|
|
||
|
* login on the server using password\
|
||
|
NOTE: Leave this terminal/shell always open until this configuration is successfully validated. This is a backup connection to your server using password in case the public key authentication fails.
|
||
|
```
|
||
|
ssh -p<tbd> <user>@<host name>
|
||
|
```
|
||
|
|
||
|
* open the **sshd_config** file using a text editor like this
|
||
|
```
|
||
|
sudo vi /etc/ssh/sshd_config
|
||
|
```
|
||
|
|
||
|
* in this file, make sure the following options are set as follows
|
||
|
```
|
||
|
PermitRootLogin no
|
||
|
PubkeyAuthentication yes
|
||
|
#GSSAPIAuthentication yes
|
||
|
#GSSAPICleanupCredentials no
|
||
|
UsePAM yes
|
||
|
```
|
||
|
|
||
|
* save this file and restart sshd service
|
||
|
```
|
||
|
sudo systemctl restart sshd
|
||
|
```
|
||
|
|
||
|
* navigate to your local host home folder and check permissions
|
||
|
```
|
||
|
cd ~
|
||
|
ls -ld
|
||
|
chmod 0700 ~
|
||
|
ls -ld
|
||
|
```
|
||
|
|
||
|
* navigate to the **.ssh** folder and check permissions
|
||
|
```
|
||
|
cd ~/.ssh
|
||
|
ls -ld
|
||
|
chmod 0700 ~/.ssh
|
||
|
ls -ld authorized_keys
|
||
|
chmod 0600 ~/.ssh/authorized_keys
|
||
|
```
|
||
|
|
||
|
* copy your existing local host public key on the server
|
||
|
```
|
||
|
ssh-copy-id -p<tbd> <user>@<host name>
|
||
|
```
|
||
|
|
||
|
* login on the server using public key authentication
|
||
|
```
|
||
|
ssh -p<tbd> <user>@<host name>
|
||
|
```
|
||
|
|
||
|
* if you completed public key authentication successfully,
|
||
|
you may savely close the terminal/shell running the open password-based login
|