Create key pair for each user, so login with a common user and work it like follows.
# create key pair
#su cent
[cent@dlp ~]$ssh-keygen -t rsa Generating public/private rsa key pair.
Enter file in which to save the key (/home/cent/.ssh/id_rsa):# Enter
Created directory '/home/cent/.ssh'.Enter passphrase (empty for no passphrase):#set passphrase (set no passphrase to Enter with empty)
Your identification has been saved in /home/cent/.ssh/id_rsa. Your public key has been saved in /home/cent/.ssh/id_rsa.pub. The key fingerprint is: 38:f1:b4:6d:d3:0e:59:c8:fa:1d:1d:48:86:f0:fe:74 cent@dlp.server.world The key's randomart image is:
pic:
after generate it will created two file(id_rsa and id_rsa.pub)
-id_rsa.pub is a public key for server
-id_rsa is a private that we need for remote to server
#Rename public key id_rsa.pub to authorized_keys and set permission[cent@dlp ~]$ mv ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys
[cent@dlp ~]$chmod 600 ~/.ssh/authorized_keys
[cent@dlp ~]$chmod 700 ~/.ssh
now we finish for configure public key on server.
Transfer the secret key created on the Server to a Client, then it's possbile to login with keys authentication.
we just copy public key id_rsa to linux directory using scp or sftp protocol:
#scp cent@10.0.0.30:/home/cent/.ssh/id_rsa ~/.ssh/
Make sure we create directory ~/.ssh on linux client already
or using sftp:
go to directory that we want to copy
#sftp username@server_ip
>put id_rsa
then use this command for remote:
#ssh -i ~/.ssh/id_rsa cent@server_ip
Enter passphrase for key '/home/cent/.ssh/id_rsa':# passphrase
Last login: Wed Jul 30 21:37:19 2014 from www.server.world
Note: passphrase is the password that we generate key before
SSH Keys Auth from Windows Client
It's the example to login to SSH server from Windows Client using putty.
Transfer a secret key to Windows Client first.
Download "Puttygen.exe" from Putty Site and save it under the Putty directory. Next execute it and click "Load" button
Specify the secret key which you downloaded, then passphrase is required like follows, answer it.
after type the passphrase you can change passphrase or keep the same password.
and then:
Click "Save private key" button to save it under a folder you like with any file name you like.
Start Putty and open [Connection]-[SSH]-[Auth] on the left menu, then select the "private_key" which was just saved above.
Back to the [Session] on the left menu and save and connect ssh authenticaton:
The passphrase is required to input, then answer it. If it's correct passphrase, it's possible to login normally like follows.
More secure about ssh option:
#vim /etc/ssh/sshd_config
find and change:
PermitRootLogin no
#Disable passwordAuthentication
PasswordAuthentication yes
SyslogFacility AUTH
save and restart ssh
#/etc/init.d/sshd restart
============================
Reference:
-http://www.server-world.info/en/note?os=CentOS_6&p=ssh&f=4
-http://www.tecmint.com/ssh-passwordless-login-with-putty/