6.7. Authenticating by Public Key (SSH2 Client, OpenSSH Server)
Problem
You want to authenticate between an SSH2 client (SSH Secure Shell from SSH Communication Security) and an OpenSSH server by public key.
Solution
Create an SSH2 private key on the client machine, if one doesn’t already exist, and install it by appending a line to ~/.ssh2/identification:
$ mkdir -p ~/.ssh2 If it doesn't already exist $ chmod 700 ~/.ssh2 $ cd ~/.ssh2 $ ssh-keygen2 Creates id_dsa_1024_a $ echo "IdKey id_dsa_1024_a" >> identification (Appending)
Copy its public key to the OpenSSH server machine:
$ scp2 id_dsa_1024_a.pub remoteuser@remotehost:.ssh/
Log into the OpenSSH server host and use OpenSSH’s ssh-keygen to import the public key, creating an OpenSSH format key: [Recipe 6.6]
$ ssh2 -l remoteuser remotehost Password:
********
remotehost$ cd ~/.ssh remotehost$ ssh-keygen -i > imported-ssh2-key.pub Enter file in which the key is (/home/smith/.ssh/id_rsa):id_dsa_1024_a.pub
Install the new public key by appending a line to ~/.ssh/authorized_keys:
remotehost$ cat imported-ssh2-key.pub >> authorized_keys (Appending)
Log out and log back in using the new key:
remotehost$ exit $ ssh2 -l remoteuser remotehost
Description
Recall that SSH2 uses the identification file as explained in the sidebar, SSH-2 Key File Formats.
See Also
ssh-keygen(1), ssh-keygen2(1).
Get Linux Security Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.