How to set up SSH certificates on a Fedora 17 client

From:
http://www.thegeekstuff.com/2008/11/3-steps-to-perform-ssh-login-without-password-using-ssh-keygen-ssh-copy-id/
https://help.ubuntu.com/community/SSH/OpenSSH/Keys
http://www.lifelinux.com/setting-up-an-ssh-certificate/

To generate the key pair (on the local machine)

ssh-keygen -t rsa -b 4096

Copy the public key to the host. I found I first need to restart ssh and execute ssh-add to load the newly created key. Execute the following commands on the local machine:

sudo systemctl restart sshd
ssh-add
ssh-copy-id remote-host

Where remote-host is usually of the format user@host

Finally ssh into the host and edit /etc/ssh/sshd_config to stop passwords being accepted for authorisation

PasswordAuthentication no
KbdInteractiveAuthentication no

I found the second line necessary as without it was still able to connect using connectbot on my phone (details on how to set up certificates for this can easily be found elsewhere)

Advertisements
1 comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s