* Typing password on login
* public key authentication
Both method can be deployed in same ssh server. Public Key Authentication is the topic here.
1. Generate public key and private key
A Lock(public key) and a Key(private key) has to be generated first.
The way to generate:
(my ssh client is command "ssh" running from an Ubuntu 14.04LTS)
- Generating public/private rsa key pair.
- Enter file in which to save the key (/home/james/.ssh/id_rsa): /tmp/my_keys
- Enter passphrase (empty for no passphrase):
- Enter same passphrase again:
- Your identification has been saved in /tmp/my_keys》.
- Your public key has been saved in /tmp/my_keys.pub.
- The key fingerprint is:
- e0:78:ef:88:51:41:e1:71:e9:fc:b1:95:e1:c5:d8:e6 james@james-PC
- The key's randomart image is:
- +--[ RSA 2048]----+
- | +... + |
- | o o. o = |
- | +o . * |
- | o oo . + E |
- | . + S. + |
- | o . o |
- | . . |
- | o o |
- | . . . |
- +-----------------+
There is no protection of the Lock, the public key.
- james@james-PC ~/.ssh $ ls /tmp/ -l
- total 148
- -rw------- 1 james james 1766 Nov 25 17:05 my_keys
- -rw-r--r-- 1 james james 421 Nov 25 17:05 my_keys.pub
2. Insert public key into ssh server
Ssh server needs this Lock to verify your Key.Suppose the name of ssh server is "ssh-server".
Simply append the content of my_keys.pub to the end of file authorized_keys which is located at .ssh/authorized_keys of the correspond user's home directory. Copy can be done by scp, ftp, ... even usb-disk.
- scp /tmp/my_keys.pub james@ssh-server:/home/james/.ssh/authorized_keys
To make it simple, the file is just overwrites the target which would cause the lost of other public key.
3. Test
Ssh server would verify your Key (private key) with the Lock (public key) which is provided when you login:
- ssh james@ssh-server
Nothing need by typed here if you assigned empty passphrase when creating the keys, or you have to type the passphrase that is same to the one when the keys was generated.
