CentOS Use Public/Private Keys for Authentication

The following tutorial walks you through setting up authentication with a public/private key pair, removing the need for passwords.

1. First, create a public/private key pair on the client that you will use to connect to the server (you will need to do this on each client machine from which you connect):

Leave the passphrase blank if you don't want to be prompted for it.

This creates two files in your ~/.ssh directory: id_rsa, your private key, and id_rsa.pub, your public key.

2. Now set permissions on your private key:

3. Copy the public key (id_rsa.pub) to the server and install it to the authorized_keys list:

Note: once you’ve imported the public key, you can delete it from the server.

4. Set file permissions on the server:

The above permissions are required if StrictModes is set to yes in /etc/ssh/sshd_config (the default).

5. Ensure the correct SELinux contexts are set:

Now when you log in to the server you shouldn’t be prompted for a password (unless you entered a passphrase). By default, ssh first tries to authenticate using keys. If no keys are found or authentication fails, ssh falls back to conventional password authentication.

NOTE: If you want access to and from some servers, you need to complete this process on each “client server” and “master server”.
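
Steps 1 to 5 written out as shell functions, as an added example that is not part of the original tutorial. `user@server` and the home-directory arguments are placeholders, and `check_perms` is a hypothetical helper that confirms the modes set in step 4.

```shell
#!/bin/sh
# Added example: steps 1-5 as functions. user@server and the home-directory
# arguments are placeholders; check_perms is a hypothetical helper.

# Steps 1-2 (client): create the key pair, then restrict the private key.
# An empty passphrase leaves the private key unencrypted on disk.
client_keygen() {
    ssh-keygen -t rsa -f "$HOME/.ssh/id_rsa"
    chmod 700 "$HOME/.ssh"
    chmod 600 "$HOME/.ssh/id_rsa"
}

# Step 3 (client): copy the public key to the server. $1 = user@server
client_copy() {
    scp "$HOME/.ssh/id_rsa.pub" "$1:"
}

# Step 3 (server): append public key file $1 to authorized_keys under home
# directory $2, skipping keys that are already listed.
install_pubkey() {
    ak="$2/.ssh/authorized_keys"
    mkdir -p "$2/.ssh"
    touch "$ak"
    grep -qxFf "$1" "$ak" || cat "$1" >> "$ak"
}

# Step 4 (server): set the modes the tutorial requires. $1 = home directory
fix_perms() {
    chmod 700 "$1/.ssh"
    chmod 600 "$1/.ssh/authorized_keys"
}

# Step 5 (server): restore SELinux contexts where restorecon is available.
fix_selinux() {
    if command -v restorecon >/dev/null 2>&1; then
        restorecon -Rv "$1/.ssh"
    fi
}

# Verify step 4: succeeds only if .ssh is 700 and authorized_keys is 600.
check_perms() {
    d=$(ls -ld "$1/.ssh" | cut -c1-10)
    f=$(ls -l "$1/.ssh/authorized_keys" | cut -c1-10)
    [ "$d" = "drwx------" ] && [ "$f" = "-rw-------" ]
}
```

On the server, run `install_pubkey`, `fix_perms` and `fix_selinux` in that order against the target user's home directory; `check_perms` failing is the first thing to look at when key login is refused with StrictModes enabled.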

If you have any issues with setting this up, please get in touch.
