SSH Protocol
SSH (Secure Shell) is a network protocol that provides secure access to a remote computer (mostly Unix based). When you want to connect to a remote Unix server, SSH is one way of accessing it. SSH is powerful because it combines security for the data transmitted over the network with access to the remote system. The SSH protocol works between two computers in a client-server architecture. When a client computer connects to the server, the server requires the client to authenticate itself, and there are different ways a client can do this. A typical authentication mode is to enter a password when logging in to the remote system. In this howto we explore another mode of authentication in which the server doesn’t require the user to enter a password. This mode is very useful if you connect to a remote system frequently and don’t want to enter the password every time.
Before we go through the steps, here is some background on the components involved:
SSH SERVER
When you need to connect to a remote computer via SSH, that computer should have an SSH server running on it. All Unix-based distributions (Linux, Mac OS X, etc.) include an SSH server. For Windows-based systems, Cygwin can be used as an SSH server.
SSH CLIENT
Assuming your remote computer has an SSH server running on it, you need an SSH client on the local computer to connect to it. On Unix-based systems, SSH clients are available as command-line utilities. For Windows-based systems, PuTTY is an excellent client. Check here for more information about PuTTY.
CONFIGURATION
- We start the configuration on the client Windows computer. Download the latest version of Putty.exe and Puttygen.exe from here.
Using the Puttygen tool we have to generate an authentication key. This key will serve as a substitute for the password that would otherwise be entered during login.
- Start puttygen.exe by double-clicking the executable. The following window opens up.
- Leave the default ‘SSH-2 RSA’ selection and click the ‘Generate’ button. The following window opens. Move the mouse randomly over the empty space below the progress bar to create some randomness in the generated key.
- Don’t enter a key passphrase. Click the ‘Save private key’ button. Click ‘Yes’ on the window asking for confirmation to save the key without a passphrase.
- Save the key file to a safe location (Let us assume you will be saving it as C:\Personal\SSHKey\Laptop.ppk).
- Now you can close the Puttygen window.
- Open the Laptop.ppk file in Notepad. Copy the four lines under the ‘Public-Lines’ section to the Windows clipboard.
- Now open PuTTY and connect to the remote system using the user id you want to use for future no-password connections. (Let us assume you will connect to the remote machine using the user name ‘ubu’.) This time when you log in, you have to provide the password at the prompt. Future logins won’t require this password.
- Under the logged-in user’s home directory there will be a .ssh directory. Under that, create a new file called authorized_keys using a text editor such as vi. (In our case the file will be created as /home/ubu/.ssh/authorized_keys.)
- Type the word ‘ ssh-rsa ’ (including the spaces on both ends of the word) and paste the four lines copied from Laptop.ppk earlier. Remove the carriage return at the end of each line, merging the four lines into one single line. Be careful not to delete any characters while doing that. The final result should be a single line that begins with ssh-rsa followed by the key data.
- Save the file and quit the text editor. Assign read/write permissions to the owner only: chmod 600 ~/.ssh/authorized_keys
- Now that we have configured the SSH server, it’s time to test our setup.
- On the local system, open PuTTY and enter the IP address of the remote system.
- Now from the left navigation, select Connection -> Data. Enter ‘ubu’ as ‘Auto-login username’ on the right panel.
- Again from the left navigation menu, scroll down and select Connection -> SSH -> Auth. Enter the path of the saved private key file (in our case C:\Personal\SSHKey\Laptop.ppk). Leave the other defaults as they are and press the ‘Open’ button.
- Now PuTTY connects to the remote SSH server and there won’t be any password prompt from here on.
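The copy, merge and chmod steps above can also be scripted. The following is an added example, not part of the original howto: the function names are hypothetical, the key file is constructed sample data in the PuTTY version 2 layout, and it goes slightly beyond the text by reading the line count from the Public-Lines header instead of assuming four lines.

```shell
#!/bin/sh
# Added example; function names are hypothetical and the key data is constructed.

# Write a constructed PuTTY v2 key file with CRLF line endings (not a real key).
make_sample_ppk() {
    printf '%s\r\n' \
        'PuTTY-User-Key-File-2: ssh-rsa' 'Encryption: none' \
        'Comment: rsa-key-constructed' 'Public-Lines: 4' \
        'AAAAB3NzaC1yc2EAAAABJQAAAIEAconstructedLine1' \
        'constructedLine2' 'constructedLine3' 'constructedLine4' \
        'Private-Lines: 1' 'NOT-A-REAL-PRIVATE-KEY' 'Private-MAC: 0000' > "$1"
}

# Print "<type> <base64> <comment>" built from the header and the Public-Lines
# block only; nothing from the Private-Lines block is ever emitted.
ppk_to_authorized_line() {
    awk '
        { sub(/\r$/, "") }                    # strip the carriage returns
        /^PuTTY-User-Key-File-[0-9]+: / { type = $2; next }
        /^Comment: /      { sub(/^Comment: /, ""); comment = $0; next }
        /^Public-Lines: / { left = $2; next } # how many lines to merge
        left > 0          { key = key $0; left-- }
        END {
            if (type == "" || key == "") exit 1
            printf "%s %s %s\n", type, key, comment
        }
    ' "$1"
}

# Append the line to <home>/.ssh/authorized_keys once, with mode 600 on the
# file as in the howto (mode 700 on .ssh is an addition made here).
install_authorized_key() {
    line=$1 sshdir=$2/.ssh
    ( umask 077
      mkdir -p "$sshdir" && chmod 700 "$sshdir" || exit 1
      touch "$sshdir/authorized_keys"
      grep -qxF -- "$line" "$sshdir/authorized_keys" ||
          printf '%s\n' "$line" >> "$sshdir/authorized_keys"
      chmod 600 "$sshdir/authorized_keys" )
}

# Demo on the constructed file; prints the single authorized_keys line.
demo=$(mktemp -d)
make_sample_ppk "$demo/Laptop.ppk"
ppk_to_authorized_line "$demo/Laptop.ppk"
rm -rf "$demo"
```

Run the conversion where the .ppk file already lives (for example under Cygwin) and copy only the printed line to the server, so the private part of the key never leaves the client.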
SSH is a powerful tool, and the password is part of its security. We just bypassed that security for the sake of convenience. If a hacker gets hold of the private key we generated, which was saved without a passphrase, it gives them free access to your systems. So use this technique with care.