{"id":1157,"date":"2017-10-24T11:32:03","date_gmt":"2017-10-24T08:32:03","guid":{"rendered":"https:\/\/community.virtono.com\/?p=1157"},"modified":"2020-06-10T16:46:19","modified_gmt":"2020-06-10T13:46:19","slug":"ssh-key-login","status":"publish","type":"post","link":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/ssh-key-login\/","title":{"rendered":"SSH Key Login"},"content":{"rendered":"<p><b>Note:<\/b>\u00a0This article applies to older SSH versions (SSH version 1).\u00a0For the latest information on SSH key logins, see\u00a0<a href=\"https:\/\/wp.me\/p7ISfL-iG\" target=\"_blank\" rel=\"noopener\">OpenSSH Public Key Authentication under Ubuntu\u00a0.<\/a><\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_73 counter-hierarchy ez-toc-counter ez-toc-light-blue ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/ssh-key-login\/#SSH_Config_for_SSH_Key_customize\" title=\"SSH Config for SSH Key customize\">SSH Config for SSH Key customize<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/ssh-key-login\/#Generate_a_key_pair_on_Linux\" title=\"Generate a key pair on Linux\">Generate a key pair on Linux<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/ssh-key-login\/#Root_direct_login_optional\" title=\"Root direct login (optional)\">Root direct login (optional)<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"SSH_Config_for_SSH_Key_customize\"><\/span><span id=\"SSH_Config_f.C3.BCr_SSH_Key_anpassen\" class=\"mw-headline\">SSH Config for SSH Key customize<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>On the remote server, the<\/p>\n<pre> \/ Etc \/ ssh \/ sshd_config \r\n<\/pre>\n<p>to be edited.\u00a0Change the following values:<\/p>\n<p>current:<\/p>\n<pre> RSAAuthentification yes\r\n<\/pre>\n<p>New:<\/p>\n<pre> RSAAuthentification no\r\n<\/pre>\n<p>current:<\/p>\n<pre> #AuthorizedKeysFile% h \/ .ssh \/ authorized_keys\r\n<\/pre>\n<p>New:<\/p>\n<pre> AuthorizedKeysFile% h \/ .ssh \/ authorized_keys\r\n<\/pre>\n<p>current:<\/p>\n<pre> #IgnoreUserKnowHosts yes\r\n ChallengeResponseAuthentication yes\r\n PasswordAuthentification yes\r\n<\/pre>\n<p>New:<\/p>\n<pre> IgnoreUserKnowHosts yes\r\n ChallengeResponseAuthentication no\r\n PasswordAuthentification no\r\n \r\n<\/pre>\n<p>Then, restart the SSH service:<\/p>\n<pre> \/etc\/init.d\/ssh restart\r\n<\/pre>\n<h2><span class=\"ez-toc-section\" id=\"Generate_a_key_pair_on_Linux\"><\/span><span id=\"Generieren_eines_Schl.C3.BCsselpaars_unter_Linux\" class=\"mw-headline\">Generate a key pair on Linux<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<pre>ssh-keygen -d\r\n<\/pre>\n<p>The key pair is now created.\u00a0Next, you will be prompted for the name of the key and the location.<\/p>\n<p><b>IMPORTANT: Protect your private key with a password.<\/b><\/p>\n<p>You will find it in the home directory of your user<\/p>\n<pre> \/home\/$USERNAME\/.ssh\r\n<\/pre>\n<p>the key pair.<\/p>\n<pre> id_dsa\r\n id_dsa.pub\r\n<\/pre>\n<p>The public key is located in the file<\/p>\n<pre> id_dsa.pub\r\n<\/pre>\n<p>The contents of this file are now stored on the remote server at:<\/p>\n<pre> \/home\/$USERNAME\/.ssh\/authorized_keys\r\n<\/pre>\n<p>If everything worked out, you should be able to log on to the remote server using the following command:<\/p>\n<pre> ssh $ SERVERIP_ODER_HOSTNAME_DES_ENTFERNTEN_SERVERS -i \/home\/$USERNAME\/.ssh\/id_dsa\r\n<\/pre>\n<h2><span class=\"ez-toc-section\" id=\"Root_direct_login_optional\"><\/span><span id=\"Root_direkten_Login_verbieten_.28optional.29\" class=\"mw-headline\">Root direct login (optional)<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><b>DANGER:<\/b><\/p>\n<p><b>Please be careful, otherwise you can lock yourself out.\u00a0If you forbid the direct root login, there must be another user on the system<\/b><\/p>\n<p>SSH is the default tool for Linux administrators.\u00a0To protect the server better, you should ban the direct root login.\u00a0You can still log on to the server with another user and then use per<\/p>\n<pre> su\r\n<\/pre>\n<p>to the root user.<\/p>\n<p>To do this, we edit \/ etc \/ ssh \/ sshd_config and set<\/p>\n<pre> PermitRootLogin yes\r\n<\/pre>\n<p>on<\/p>\n<pre> PermitRootLogin no<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>Note:\u00a0This article applies to older SSH versions (SSH version 1).\u00a0For the latest information on SSH key logins, see\u00a0OpenSSH Public Key Authentication under Ubuntu\u00a0. SSH Config for SSH Key customize On the remote server, the \/ Etc \/ ssh \/ sshd_config to be edited.\u00a0Change the following values: current: RSAAuthentification yes New:<\/p>\n","protected":false},"author":4,"featured_media":1161,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[3],"tags":[],"class_list":["post-1157","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tutorial-how-to"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/public-key-auth-workflow.png?fit=632%2C696&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p7ISfL-iF","jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":1250,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/restrict-executable-ssh-commands-with-authorized-keys\/","url_meta":{"origin":1157,"position":0},"title":"Restrict executable SSH commands with authorized keys","author":"Daniel Draga","date":"November 9, 2017","format":false,"excerpt":"The\u00a0OpenSSH\u00a0Secure Shell Server provides secure, encrypted remote access to Linux and Unix systems.\u00a0The server side is the file\u00a0authozired_keys\u00a0in\u00a0.ssh\u00a0a user's primary folder to configure a\u00a0public-key authentication\u00a0.\u00a0Normally, a user gets\u00a0full access\u00a0to the system where the authentication was set up.\u00a0However, in some cases, such as automated backup operations, it makes sense to restrict\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/Putty2_1.png?fit=675%2C424&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/Putty2_1.png?fit=675%2C424&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/Putty2_1.png?fit=675%2C424&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":3330,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-ssh-keys-on-ubuntu-20-04\/","url_meta":{"origin":1157,"position":1},"title":"How to Set Up SSH Keys on Ubuntu 20.04","author":"George B.","date":"April 27, 2023","format":false,"excerpt":"In this tutorial, we will learn how to set up SSH keys on Ubuntu 20.04. Secure Shell (SSH) is a protocol used to securely connect to a remote server or computer. It provides a secure way to transfer files, execute remote commands, and manage remote systems. SSH keys are a\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-Set-Up-SSH-Keys-on-Ubuntu-20.04.png?fit=600%2C330&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-Set-Up-SSH-Keys-on-Ubuntu-20.04.png?fit=600%2C330&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-Set-Up-SSH-Keys-on-Ubuntu-20.04.png?fit=600%2C330&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":1158,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/openssh-public-key-authentication-under-ubuntu\/","url_meta":{"origin":1157,"position":2},"title":"OpenSSH public key authentication under Ubuntu","author":"Shreyash Sharma","date":"October 24, 2017","format":false,"excerpt":"This article shows how\u00a0SSH access is\u00a0configured\u00a0for\u00a0public-key\u00a0authentication\u00a0.\u00a0To do so, a key pair is created on the client, the public part of the keys are transferred to the server, and the server is set up for key authentication.\u00a0The user can log on to the server without a login password, only the password\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":3176,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-change-ssh-port-on-linux-or-unix\/","url_meta":{"origin":1157,"position":3},"title":"How to Change SSH Port on Linux or Unix","author":"George B.","date":"April 6, 2023","format":false,"excerpt":"By default, SSH listens on port 22, if you want to change SSH port to a non-standard port can help enhance server security by making it harder for attackers to find and exploit SSH vulnerabilities. In this article, we will walk through the process of changing the SSH port on\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-Change-SSH-Port-on-Linux-or-Unix.png?fit=600%2C340&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-Change-SSH-Port-on-Linux-or-Unix.png?fit=600%2C340&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-Change-SSH-Port-on-Linux-or-Unix.png?fit=600%2C340&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":1156,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/ssh-root-forbid-login-under-debian\/","url_meta":{"origin":1157,"position":4},"title":"SSH root forbid login under Debian","author":"Shreyash Sharma","date":"October 23, 2017","format":false,"excerpt":"If you want to ban direct SSH root login on Debian, you need at least one additional user who can log on to the server, in addition to the root user.\u00a0Use this user to change to the root account. ATTENTION:\u00a0If you have not created another user, you lock yourself out\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/ssh_installer_2.jpg?fit=638%2C478&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/ssh_installer_2.jpg?fit=638%2C478&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/ssh_installer_2.jpg?fit=638%2C478&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":1253,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/unlock-full-encrypted-system-via-ssh\/","url_meta":{"origin":1157,"position":5},"title":"Unlock full-encrypted system via SSH","author":"Daniel Draga","date":"November 9, 2017","format":false,"excerpt":"A complete encryption of your own system is an excellent way to ensure the confidentiality of your own data.\u00a0The current Ubuntu installer offers a guided installation to encrypt the entire system with \"\u00a0encrypted LVMs\u00a0\".\u00a0For both the automated installation and the manual way, there are numerous detailed guides that explain the\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/dropbear-logo-walking_700_726_FFFFFF_c1.jpg?fit=700%2C726&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/dropbear-logo-walking_700_726_FFFFFF_c1.jpg?fit=700%2C726&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/dropbear-logo-walking_700_726_FFFFFF_c1.jpg?fit=700%2C726&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/dropbear-logo-walking_700_726_FFFFFF_c1.jpg?fit=700%2C726&ssl=1&resize=700%2C400 2x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/1157","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/comments?post=1157"}],"version-history":[{"count":1,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/1157\/revisions"}],"predecessor-version":[{"id":1162,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/1157\/revisions\/1162"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media\/1161"}],"wp:attachment":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media?parent=1157"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/categories?post=1157"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/tags?post=1157"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}