{"id":945,"date":"2021-03-16T17:38:51","date_gmt":"2021-03-16T16:38:51","guid":{"rendered":"https:\/\/nguenkam.com\/blog\/?p=945"},"modified":"2021-03-16T17:38:51","modified_gmt":"2021-03-16T16:38:51","slug":"create-an-ssh-key-to-connect-to-a-server","status":"publish","type":"post","link":"https:\/\/nguenkam.com\/blog\/index.php\/2021\/03\/16\/create-an-ssh-key-to-connect-to-a-server\/","title":{"rendered":"Create an SSH key to connect to a server"},"content":{"rendered":"\n
Usually we can log in ssh with a login and password. \nBut in this article we will try something different: \nhow to make a login without a password?\nIn fact we will log in with what is called an SSH key, which will be stored on our machine and will prevent us from re-entering the password each time.<\/span><\/pre>\n\n\n\n
KEY COUPLE<\/span><\/h5>\n\n\n\n
We need a couple of keys : a private key and another public key which are linked by a mathematical process. The private key must never be communicated and must be kept secret. The public key can be exchanged with anyone. In fact, the goal will be to put it on the server on which we want to connect.<\/p>\n\n\n\n
CREATE A KEY<\/h5>\n\n\n\n
To create a key, open the terminal and enter the command below, the parameter t specifies the type of encryption and the parameter b the number of bits.<\/p>\n\n\n\n
ssh-keygen -t rsa -b 4096<\/code><\/pre>\n\n\n\n
The program will ask you for a file name, by convention “id_rsa” is used, but you can name your key pair as you wish. <\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
Then you have to enter a passphrase, a kind of password in case you have several users on your machine, so that they cannot use your own keys. For the example, leave blank by simply pressing enter, and also confirm the passphrase check.<\/p>\n\n\n\n
<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
key pair has been created!<\/p>\n\n\n\n
PUBLIC KEY<\/span><\/h5>\n\n\n\n
Before we can start connecting with the new SSH key generated, we obviously need to add the public key on the server. The ssh-copy-id <\/strong>command will allow us to place the public key on the remote server, with the -i parameter it allows us to specify the identity file.<\/p>\n\n\n\n
ssh-copy-id -i ~\/.ssh\/test_rsa.pub user_ssh@192.168.20.211<\/code><\/pre>\n\n\n\n
ps: replace user_ssh with your user ssh and the IP 192.168.20.211 with the IP of your server<\/strong><\/em><\/p>\n\n\n\n
Enter the password and confirm the addition of the key, we should see the following message appear.<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
We have to check that the key is correctly installed, so let\u00b4s  connect in ssh on the server and go to where the keys are stored.<\/p>\n\n\n\n
cd .ssh<\/code><\/pre>\n\n\n\n
We should see the authorized_keys file, a little bit of VIM to see what’s inside.<\/p>\n\n\n\n
vim authorized_keys<\/code><\/pre>\n\n\n\n
If everything work  well , we should find the contents of our public key in this file, it looks like something like that.<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
CONFIGURE THE CONNECTION<\/span><\/h5>\n\n\n\n
Now that everything is ready, Let us  configure the connection with our private key.  let\u00b4s go to the .ssh folder and edit the config file.<\/p>\n\n\n\n
under Linux , let\u00b4s do it with vim<\/p>\n\n\n\n
vim ~\/.ssh\/config<\/code><\/pre>\n\n\n\n
Let\u00b4s add a Host with the name we want (eg: tapion), and specify three options, the User which is the SSH user we use to connect, the Hostname which is the IP address of the server or the domain name and finally the IdentifyFile which is the path to our private key.<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
LOG IN<\/span><\/h5>\n\n\n\n
ssh tapion<\/code><\/pre>\n\n\n\n
replace “tapion” with the name of  our host<\/p>\n\n\n\n
<\/p>\n\n\n\n
We just succeeded in configuring an SSH connection on a server. Now we no longer have to enter  password to log in, it is the program that will use our private key to log in.<\/p>\n","protected":false},"excerpt":{"rendered":"
Usually we can log in ssh with a login and password. But in this article we will try something different: how to make a login without a password? In fact we will log in with what is called an SSH key, which will be stored on our machine and will prevent us from re-entering the […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1,31],"tags":[244,242,243,241],"_links":{"self":[{"href":"https:\/\/nguenkam.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/945"}],"collection":[{"href":"https:\/\/nguenkam.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nguenkam.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nguenkam.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nguenkam.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=945"}],"version-history":[{"count":3,"href":"https:\/\/nguenkam.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/945\/revisions"}],"predecessor-version":[{"id":953,"href":"https:\/\/nguenkam.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/945\/revisions\/953"}],"wp:attachment":[{"href":"https:\/\/nguenkam.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=945"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nguenkam.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=945"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nguenkam.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=945"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}