SSH setup login using certificates

By | November 18, 2008

Once you are running a linux server you can choose to do the login by username and password authentication or by certificate authentication. Personally I always choose for the latter as it is more difficult to intercept or hack in to.

Setting up certificate authentication is really simple. Just login to the machine as you would normally. Change to the user you are setting-up a certificate for and enter:

ssh-keygen -t rsa

You will be prompted for a password twice. After this is completed two files will be generated. One being the public file and one being the prive file. You need to download the private file from the server and store it somewhere safe. The public key needs to be copied to:

 ~/.ssh/authorized_keys

After this you will be able to login to the server using your username and the private certificate. Please note that for Putty you will need to import the generated private key into puttygen and export it into a new private key. This is because Putty does not support the SSH generated private key.

Update: fixed the name of the keyfile to actually make it work, thanks for that neosam.

One thought on “SSH setup login using certificates

  1. Simon Goller

    Hi,

    Thanks for this post. I think you mean ~/.ssh/authorized_keys instead of ~/.ssh/authenticated_keys

    authenticated_keys didn’t work for me.

    Cheers,
    neosam

    Reply

Leave a Reply