OpenSSH
OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. Users of telnet, rlogin, and ftp may not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks. Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods, and supports all SSH protocol versions.
Here is a brief tutorial for easy setup.
Install SSH
Study following tutorial thoroughly and setup your unix/linux machine secure.
Step1:
Create Public and private keys from openssh and save it to your local computer by following command in your unix machine.
2 keys are
- id_rsa.pub (Public Key)
- id_rsa (Private Key)
Step 2:
Change the mode of public key
Step 3:
Transport the key to the server
Step 4:
Make a .ssh directory in the home of the user
Step 5:
Change the key to authorized key in .ssh folder.
(Multiple Public can pe kept in server with same name either dsa key or rsa key from putty or linux)
Client Setting
Make directory .ssh in home of the user at local.
$mkdir .ssh
$cp id_rsa.ssh/
Now Connect your server with the key you generated by following command.
Connecting Server with PuTTY Key
Download PuTTY Installer from the following link
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
Step 1.
Install the Putty in your local windows machine.
Step 2.
Generating Key pairs from PuTTYgen. Move your mouse during key generation.
Save your public key and private key in your folder.
Step 3.
Transport the key to the server
Step 4 .
Make a .ssh directory in the home of the user
Step 5 .
Transforming putty key into open-ssh key
In order to translate putty key into open-ssh key, you need to have ssh-keygen tool in your computer
Putty Setting
- Start putty
- Make a new session
- Set server ip in the Host/IP address form as shown in figure below
- Save the session as per the name of your server as shown in figure(pc1f044@feeBSD)
- Set the private key in the putty as shown in figure.
- give path of your private key.
- Save your session
- Connect to the server.
- Congratulation
-go to ssh
-click auth
Disable Password Authentication
Use your favourite text editor Vim to edit /etc/ssh/sshd_config on the machine you wish to ssh to, and set these options.
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
Restart ssh server
$/etc/rc.d/sshd restart (FreeBSD)
Cheers !!
1 comment
admin
June 7, 2014 at 11:20 pm (UTC 9)
Cygwin: Permissions 0660 for ‘~/.ssh/id_rsa’ are too open.
Environment:
MS Windows 8.1
Cygwin 64bit
ssh keys copied from somewhere and placed to ~/.ssh/
Problem:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0660 for ‘~/.ssh/id_rsa’ are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: ~/.ssh/id_rsa
Did not work:
chmod 600 id_rsa
chmod 700 .ssh
Playing with Windows security panels
Setting group to SYSTEM
Everything else
Solution:
Found on Vineet Gupta’s blog http://vineetgupta.com/blog/cygwin-permissions-bug-on-windows-8
chgrp Users id_rsa
chmod 600 id_rsa
Now, all works. Thank you, Vineet!