Key-based SSH Linux
What is SSH (Secure Shell ) .
SSH is a network protocol for Access the operating system from remote securely over network , it’s most common application for remote login on Linux/Unix machines .
SSH Deamon : SSHD
SSH RPM : Open-ssh
Configuration File : /etc/ssh/sshd_config
We can SSH our servers by two way using username/Password or keybased so we don’t required enter credentials Again-2 .
#yum install openssh* –y ( for install all ssh packages )
#systemctl start sshd (for start the ssh service )
#systemctl status sshd (for check status of SSH service it should be in Active state )
Now we can do SSH of any machine or can SSH this machine from other .
Server IP : 192.168.1.7
Client IP : 192.168.1.8
#ssh 192.168.1.7 (ssh machine password based )
#ssh email@example.com (for ssh by different user by default it use root )
#ssh –X 192.168.1.7 ( for graphical access )
When we ssh any new machine it’s ask for continue connection by Yes these information stored as known host list in below file .
SCP: – Secure Copy
Copy any file from one computer to another SSH .
#scp filenamexyz firstname.lastname@example.org:/mnt (for copy any file to another computer )
#scp -r finemaexyz file2 file3 email@example.com:/mnt (copy multiple files )
Rsync also used for copy the files like SCP but it has extra feature “incremental copy “means if we have copied the same file earlier and then we made some changes in original file and want to copy again then it will add the changes only to destination file instead copy entire file
#rsync -av filename firstname.lastname@example.org:/mnt ( -av = Archive verbose )
Now SSH Machine with Key Based .
RSA is a Encrypted algorithm which is used for keybased authentication .
#ssh-keygen (for generate the keys )
#ls /root/.ssh/ (for check the both Keys)
Note : Two Keys will generated Private and Public , we share the public key with others so they can add our key in his server after that we can access that server without entering Username and password .
#ssh-copy-id 192.168.1.7 (it will copy your public key to another machine ask the credentials )
#ssh 192.168.1.7 (it will not ask the credentials and login with ssh after share the key )
Now we can check the Keys which is added in our file go to another machine .
Server Side .
We can delete any key entry for deny login from any remote machine at end of each key there is hostname for identification