Skip to content
DALARIS TECH BLOG
FREE IT GUIDES by CHUONG K. NGUYEN – BSc., MCSEx2, MCSAx2, MCP, MCTS, MCITP, CCNA

Primary Menu

  • Microsoft
    • Hyper-V
    • Windows Server 2019
    • Windows Server 2016
    • Systems Center 2012 R2
    • Windows Server 2012
    • Windows Server 2012 R2
    • Windows Server 2008 R2
    • Windows Server 2008
    • Exchange Server
      • Exchange 2019
      • Exchange 2016
      • Exchange 2013
      • Exchange 2010
      • Exchange 2007
    • SQL Server
    • Windows Clients
  • Linux
    • Administration
    • Mail General
    • MySQL
  • Citrix
    • Citrix XenApp 6.5
  • Cisco
    • Configurations
  • Development
    • Java
  • About

Breadcrumbs

Home ∼ How To Copy SSH Key to a Remote Computer

How To Copy SSH Key to a Remote Computer

September 14, 2015 admin
Tweet

How to copy SSH Key to a Remote Computer

CHUONG K. NGUYEN – BSc., MCSEx2, MCSAx2, MCP, MCTS, MCITP, CCNA

We can log into a remote Linux server either by a username / password combination or by using an SSH key. SSH keys provide a more secure way for the authentication to happen. Better yet, we can protect the key with a passphrase so that if the local computer (the one with the private key stored) is stolen, the person who has access to that computer cannot connect to the remote computer with just the key.

We essentially need to perform the following steps:

  1. Create the RSA key pair
  2. Store the keys (with or without passphrase)
  3. Copy the public key to the remote computer
  4. Remove root login.

This lab uses two computers running Ubuntu Linux 15.04.01

  1. LocalCom: 192.168.1.7
  2. RemoteCom: 192.168.1.8

Prepare LocalCom:

  • Elevate account privilage: sudo su
  • Rename the server: hostnamectl set-hostname localcom
  • Logoff: exit twice
  • Log back in
  • Change IP address: vi /etc/network/interfaces

  • Enable root login

     

    vi /etc/ssh/sshd_config

     

    Comment the line: PermitRootLogin without-password

    Enter the line: PermitRootLogin yes

    Restart SSHD: service ssh restart

    Change Root Password: passwd root

Prepare Remotecom: do the same steps for RemoteCom but use IP address 192.168.1.8 and host name remotecom.

At this point, you can SSH to any of the two computers as root.

Step 1: Generate the RSA key Pair

ssh-keygen –t rsa

Step 2: Store the keys (and passphrase if there is any)

When asked for file name, keep the default one. Press Enter to leave the passphrase empty for the purpose of this lab. If you want to enter a passphrase, go ahead and do so but remember that every time you login using the keys, you will be prompted to enter the passphrase.

Step 3: Copy the public key to remotecom

Method 1:

ssh-copy-id root@192.168.1.8

Method 2:

cat ~/.ssh/id_rsa.pub | ssh root@192.168.1.8 “mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys”

Here, I am going to use the first method. Confirm the connection, type “yes” and supply the root password for remotecom.

Now, from localcom, let’s login as root@192.168.1.8. You should be connected right away without a prompt for root password.

Disable Root Login with Password

Since we can login as root with the key, we should disable password login for root.

to do that, remove the comment for PermitRootLogin without-password. Also comment the line that says PermitRootLogin yes.

vi /etc/ssh/sshd_config

Restart SSH: service ssh restart

So when I try to SSH into remotecom as root on another computer, I got Access denied.

But I can SSH to remotecom from localcom.

As you can see, I now can SSH into remotecom from localcom without a password. SSH from anywhere else is not possible.

That’s it!

Tweet
Posted in Administration, Linux
Tagged How to Copy SSH key to remote Computer, Keyless Login In Linux

Post navigation

How to Synchronize Systems With rsync
How to Create a New Distribution Group in Microsoft Exchange Server 2010 Using Exchange Management Shell

Primary Sidebar

Recent Posts

  • How to Modify Firewall Address Filter
  • How to obtain Public IP address from PowerShell
  • How to Install and Configure Exchange Server 2019 on a Server Core 2019
  • How to add a domain user to the local Administrators group using command lines
  • How to find out an email address belongs to which Recipient

Recent Comments

  • SCCM 2012 R2 PART 2 – Installing Prerequisites for SCCM 2012 R2 | DALARIS TECH BLOG on How to Install and Configure Active Directory in Windows 2012 R2
  • admin on PART 17 – Citrix XenApp 6.5 Policies
  • sesamepr on PART 17 – Citrix XenApp 6.5 Policies
  • jorge on Introduction to IT Labs

Archives

  • November 2019
  • September 2019
  • August 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • December 2017
  • April 2017
  • March 2016
  • February 2016
  • January 2016
  • December 2015
  • November 2015
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • May 2015
  • April 2015
  • March 2015
  • February 2015
  • October 2014

Categories

  • Administration
  • Cisco
  • Citrix XenApp 6.5
  • Configurations
  • Development
  • Exchange 2007
  • Exchange 2010
  • Exchange 2013
  • Exchange 2019
  • Exchange Server
  • Hyper-V
  • ITLabs
  • Java
  • Linux
  • Mail General
  • Microsoft
  • MySQL
  • SQL Server
  • Systems Center 2012 R2
  • Uncategorized
  • Windows Clients
  • Windows Server 2008
  • Windows Server 2008 R2
  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows Server 2016
  • Windows Server 2019

Meta

  • Log in
  • Entries RSS
  • Comments RSS
  • WordPress.org

Footer Content

Social Menu

  • Microsoft
  • Linux
  • Citrix
  • Cisco
  • Development
  • About
Proudly powered by WordPress · Theme Kuorinka by Foxnet