June 2003
Intermediate to advanced
336 pages
8h 54m
English
Content preview from Linux Security CookbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
6.7. Authenticating by Public Key (SSH2 Client, OpenSSH Server)
Problem
You want to authenticate between an SSH2 client (SSH Secure Shell from SSH Communication Security) and an OpenSSH server by public key.
Solution
Create an SSH2 private key on the client machine, if one doesn’t already exist, and install it by appending a line to ~/.ssh2/identification:
$ mkdir -p ~/.ssh2 If it doesn't already exist $ chmod 700 ~/.ssh2 $ cd ~/.ssh2 $ ssh-keygen2 Creates id_dsa_1024_a $ echo "IdKey id_dsa_1024_a" >> identification (Appending)
Copy its public key to the OpenSSH server machine:
$ scp2 id_dsa_1024_a.pub remoteuser@remotehost:.ssh/
Log into the OpenSSH server host and use OpenSSH’s ssh-keygen to import the public key, creating an OpenSSH format key: [Recipe 6.6]
$ ssh2 -l remoteuser remotehost Password:
********remotehost$ cd ~/.ssh remotehost$ ssh-keygen -i > imported-ssh2-key.pub Enter file in which the key is (/home/smith/.ssh/id_rsa):id_dsa_1024_a.pubInstall the new public key by appending a line to ~/.ssh/authorized_keys:
remotehost$ cat imported-ssh2-key.pub >> authorized_keys (Appending)Log out and log back in using the new key:
remotehost$ exit $ ssh2 -l remoteuser remotehost
Description
Recall that SSH2 uses the identification file as explained in the sidebar, SSH-2 Key File Formats.
See Also
ssh-keygen(1), ssh-keygen2(1).