Home > Security > How to Setup Key Based Authentication in SSH

How to Setup Key Based Authentication in SSH

March 8, 2011 Posted by KP

This is for Windows client, please refer to this page for FreeBSD workstation.

Key Based Authentication, step by step

1. Download PuTTYgen (on Windows), generate private/public key pair.

1.1 Save public and private key files.

1.2 Edit public key file according to this page. Basically 3 changes:

  • Delete the first two and the last line
  • Join the remaining lines into one single line
  • Insert ssh-rsa keyword (with one trailing space) in front of the single line

2. Upload public key file to ~/.ssh/authorized_keys, this is the default path for public key file, create .ssh if the directory doesn’t exist. Append public key file content if the file authorized_keys already exists.

3. Edit /etc/ssh/sshd_config
Uncomment or add the following lines:
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
ChallengeResponseAuthentication no

Reload sshd
Note: make a test login before reload the sshd config, you may be locked out.
# /etc/rc.d/sshd reload

4. Connect with putty, specify private key in “Connection > SSH > Auth > Browse…”

Related Posts:

Filed Under: Security

Comments are closed.