Communicate With a Remote Computer Using SSH With RSA

You have probably heard about Telnet used to reach the command line of a remote computer. The biggest problem with Telnet was (and is) security. Since no encryption is used to transfer data between the remote computer and yours, anybody can see sensitive data by wire tapping your communication line. More than that, the data being transferred can be changed by a third-party. createssh

Secure Shell (SSH) does not have such a big weakness if configured appropriately. What do I mean by “if configured appropriately”? Well, the systems used to encrypt and decrypt data are called cryptosystems and there are different categories. I will explain you the configuration needed for RSA cryptosystem which is a very secure one. I will not explain you the mathematics but the real deal. supermoz

I will assume that Linux is used for the server-side.

For client-side, I will explain steps for both Windows and Linux.

Server-Side SSH Configuration on Linux

RSA, as I said before, is a cryptosystem working with two keys: public key and private key. The public key is made public and anyone can see it. The private key, on the other hand, should be secret. directory24x7

Let’s turn back to our server configuration. We will first create the public and private key. First, login as a regular user (not root). To create your keys, type

ssh-keygen -t rsa

Select default directory for public/private keys by pressing ENTER. Then you will be asked to enter a passphrase to protect your private key. If your private key is stolen, it cannot be used unless your passphrase is known.

The keys are stored under .ssh directory by default. buddylinks

Now, log in as the root user. The main configuration file for SSH daemon in Linux is the sshd_config file located under /etc/ssh directory.

Open sshd_config file with your favorite editor and change the following settings:

AuthorizedKeysFile .ssh/

PasswordAuthentication no

These settings force people to use RSA, disallows root login and defines the name of the public key file that we created before.

Save the file and restart SSH daemon with: seoboost

service sshd restart

You are done with the server-side configuration. So simple!

Client-Side SSH Configuration on Linux

On the server machine, you should keep your public key file which is /home/gcagrici/.ssh/ in our example from our previous steps. Moreover, you should copy your private key file to every client machine from which you plan to connect to the remote server and then delete it from the server machine since you will not need the private key on the server machine.

Since we finished configuring the server machine (test1 in our example), we can move the private key file on that machine to our client machine (test2 in our example) by USB memory or any other way you like. You should end up having the private key file (id_rsa) under the .ssh directory of your local home on the client machine. Do not forget that this file must be readable only by you and no one else.For more info please visit these sites:-


Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *