Steps:
- Create the Cryptographic Keys:
Assign the pass phrase (press [enter] key twice if you don't want a passphrase). It will create 2 files in ~/.ssh directory as follows:$ ssh-keygen -t rsa
~/.ssh/id_rsa : identification (private) key
~/.ssh/id_rsa.pub : public key
- Use WinSCP to copy the id_rsa (private key) to desktop, use PuTTYgen.exe to load this key and save private key to PuTTY's format.
- Add id_rsa.pub in ~/.ssh/authorized_keys (or authorized_keys2), just in 1 line. Or simply
mv id_rsa.pub authorized_keys
- Be sure both the home directory and the .ssh directory be owned and writable only by the owner (700 recommended for .ssh)
- Any error see /var/log/auth.log
- sshd protocol 1 is insecure, so vi /etc/ssh/sshd_config:
[...]
Protocol 2
PasswordAuthentication no # if want to disable interactive logon
- Restart sshd:
$ sudo /etc/init.d/ssh restart
- Use the saved private key in PuTTY:
PuTTY Configuration -> Connection -> SSH -> Auth -> Private key file for authentication,
then load the private key. Or use PAGEANT to load this automatically.
- Change passphrase:
If it's already converted to PuTTY format, use PuTTYgen.exe to convert it back to OpenSSH format, then
Enter file in which the key is (id_rsa):...$ ssh-keygen -p
Reference:
No comments:
Post a Comment