SSH Configuration in CentOS

In this article, I am going to show how to configure SSH on a server to remotely connect to the client. First I will navigate to the .ssh directory. It is the directory where information about remotely connected devices is kept.

For the client device, I will make a customized file and edit it. I have named the file ‘config’.  

To edit the file, press ‘i’. The name of the client device is ‘Client’. Remember, the keywords Host, HostName, User, and Port must be written exactly as shown. I want to connect as the ‘root’ user. The port does not need to be mentioned here, as I am using the default port 22. Other than this port, any port number beyond 1024 is possible if the port is not assigned.

After editing, press the escape button to leave insert mode, then type ‘:x’ to save and exit. I have only written the configuration for one device; multiple device configurations can be written in the same file.

Now I will ssh to the client device.

Now I will use ‘Keys’ to authenticate the ssh connection between server and client. Keys are used for encrypting and decrypting credentials. The following is the command to make a key.

‘-t’: to make a key; ‘rsa’: the algorithm to make a key. It will make public and private keys. Moreover, it will do the task of encryption and decryption.

The location here is the default location and it is changeable.

The ‘id_rsa’ is the private key and ‘id_rsa.pub’ is the public key. Now it raises a question, “WHAT IS A PUBLIC KEY!”, “WHAT ABOUT A PRIVATE KEY?” First, the private key. A private key is a key that is used for both encryption and decryption. On the other hand, in the public key, two keys are used: one for encryption and the other for decryption. ‘known_hosts’ has the public keys. The passphrase protects the private key, i.e. ‘id_rsa’. The private key is used for the server and the public key is used by the client. Now I will copy the public key for the client.

Now I will ssh the client.

This time it is asking for a passphrase instead of a password.

The highlighted lines are the public key.

Now I will pre-share the keys so it won’t ask for a passphrase.

I have opened a bash shell in ssh-agent. Next, I have to cache the credentials in the agent that is running in the bash shell.

The passphrase is the same passphrase as before. Now ssh to the client.

This time it doesn’t ask for a passphrase.

For a more secure connection, I want to allow ssh connectivity only with pre-shared keys. I have to edit ‘sshd_config’ on the client device.

I will change the ‘PermitRootLogin yes’ to the following

I have to restart the sshd service.

Now, without pre-sharing the keys, no one can ssh to the client device.
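To check that the ‘sshd_config’ edit really closes off password logins for root, the following added example (not part of the original article) reads a config file and reports how root may authenticate. The function names are hypothetical, and because the edited line is not shown above, the values it checks are the standard OpenSSH settings for these keywords, taken here as an assumption.

```sh
#!/bin/sh
# Added example (not from the original article): audit the global section of an
# sshd_config. Assumption: Include files and Match blocks are not evaluated.

# Print the first global value of keyword $2 in file $1, lowercased, or "unset".
# For these keywords sshd keeps the first value it reads, so later duplicates lose.
sshd_value() {
    awk -v key="$2" '
        BEGIN { key = tolower(key); found = 0 }
        /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
        { sub(/=/, " ") }                    # tolerate the Keyword=value form
        tolower($1) == "match" { exit }      # conditional blocks start here
        tolower($1) == key && NF >= 2 { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

# Classify how root may authenticate: disabled, no-password, password-allowed,
# or unset (no explicit PermitRootLogin, so the build default applies).
root_login_mode() {
    case "$(sshd_value "$1" PermitRootLogin)" in
        no) echo disabled ;;
        prohibit-password|without-password|forced-commands-only) echo no-password ;;
        unset) echo unset ;;
        *)  # "yes": passwords stay usable unless both password paths are off
            pass=$(sshd_value "$1" PasswordAuthentication)
            kbd=$(sshd_value "$1" KbdInteractiveAuthentication)
            [ "$kbd" = unset ] && kbd=$(sshd_value "$1" ChallengeResponseAuthentication)
            if [ "$pass" = no ] && [ "$kbd" = no ]; then
                echo no-password
            else
                echo password-allowed
            fi ;;
    esac
}

# Constructed sample: a commented-out default, then two conflicting lines.
demo() {
    f=$(mktemp)
    printf '%s\n' '#PermitRootLogin yes' 'Port 22' \
        'PermitRootLogin prohibit-password' 'PermitRootLogin yes' > "$f"
    root_login_mode "$f"    # first uncommented value wins
    rm -f "$f"
}
demo
```

Run `root_login_mode /etc/ssh/sshd_config` on the client after restarting sshd; a result of `unset` means the file leaves the decision to the build default, so set the keyword explicitly.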
