The Geek Diary

SSH Authentication Files in Linux

by admin

Each user can create his or her own set of private and public keys. It doesn’t matter whether the user’s client machine is running Linux, macOS, or Cygwin on Windows. In all three cases, the procedure is exactly the same.

To create the SSH keys, run the ssh-keygen command as shown below:

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/geek/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/geek/.ssh/id_rsa.
Your public key has been saved in /home/geek/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:oqDpCvAptbE8srN6Z4FNXxgkhPhjh1sEKazfMpxhVI8 geek@geeklab
The key's randomart image is:
+---[RSA 2048]----+
|...*+..          |
|o.+ .+.          |
|.+ oE .o         |
|. B + . .        |
|.=+% ...S        |
|.*O*+...         |
|* Bo..           |
|++..o            |
|B= o             |
+----[SHA256]-----+

There are several different types of keys that you can create, but the default 2048-bit RSA keys are considered plenty strong for the foreseeable future. The private and public SSH keys work the same way as we saw with GPG. You keep your private key to yourself, but you can share the public key with the world if you so desire. In this case, though, I’m only going to share my public key with one server.

When prompted for the location and name of the keys, I’ll just hit Enter to accept the defaults. You could leave the private key with a blank passphrase, but that’s not a recommended practice, because anyone who obtains a copy of the private key file could then use it as is.

The following is a list of files that are used to configure SSH key-based authentication in Linux:

  • ~/.ssh/ — A directory that contains files related to SSH keys.
  • id_rsa — Contains the user’s private key.
  • id_rsa.pub — Contains the user’s public key.
  • authorized_keys — A file on the remote server that lists the public keys that the server accepts. In other words, the server uses this file to authenticate the client.
  • known_hosts — A file on the client that lists the public keys that the client accepts. In other words, the client uses this file to authenticate servers.
  • config — A file on the client that you can use to configure SSH connection settings, such as using an IdentityFile directive to associate multiple keys with specific servers.

Note: The /etc/ssh/ssh_config file is similar to ~/.ssh/config except that it applies globally rather than to a specific user.
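
The files above all store public keys in the same one-line format, and the SHA256 fingerprint that ssh-keygen prints is derived from that line. The following is an added example, not code from the original article: it parses a line from id_rsa.pub, authorized_keys or known_hosts and reports the key type, RSA size and fingerprint, so you can check which keys a server accepts. The function names, the sample lines (built from a made-up modulus, not usable keys) and the min_rsa_bits threshold are assumptions for illustration.

```python
import base64
import hashlib
import struct


def _read_field(buf, pos):
    """Read one length-prefixed field: uint32 big-endian length, then data."""
    (length,) = struct.unpack_from(">I", buf, pos)
    if pos + 4 + length > len(buf):
        raise ValueError("truncated key blob")
    return buf[pos + 4:pos + 4 + length], pos + 4 + length


def describe_key(line, min_rsa_bits=2048):
    """Describe the key on one id_rsa.pub, authorized_keys or known_hosts line."""
    fields = line.split()
    for i in range(len(fields) - 1):
        try:  # a key is a type name followed by a blob that embeds the same name
            blob = base64.b64decode(fields[i + 1], validate=True)
            name, pos = _read_field(blob, 0)
            if name != fields[i].encode():
                continue
            bits = None
            if name == b"ssh-rsa":  # blob layout: name, exponent e, modulus n
                _e, pos = _read_field(blob, pos)
                n, pos = _read_field(blob, pos)
                bits = int.from_bytes(n, "big").bit_length()
        except (ValueError, struct.error):
            continue
        digest = base64.b64encode(hashlib.sha256(blob).digest()).decode()
        return {"type": fields[i], "bits": bits, "comment": " ".join(fields[i + 2:]),
                "fingerprint": "SHA256:" + digest.rstrip("="),
                "weak": bits is not None and bits < min_rsa_bits}
    return None


def make_rsa_line(bits, prefix="", comment=""):
    """Build a CONSTRUCTED ssh-rsa line (made-up modulus, not a usable key)."""
    def field(data):
        return struct.pack(">I", len(data)) + data
    n = ((1 << (bits - 1)) | 1).to_bytes(bits // 8 + 1, "big")  # leading 0x00 byte
    blob = field(b"ssh-rsa") + field(b"\x01\x00\x01") + field(n)  # e = 65537
    parts = (prefix, "ssh-rsa", base64.b64encode(blob).decode(), comment)
    return " ".join(p for p in parts if p)


SAMPLE = [make_rsa_line(2048, comment="geek@geeklab"),                 # id_rsa.pub
          make_rsa_line(1024, prefix="no-pty", comment="old-laptop"),  # authorized_keys
          make_rsa_line(2048, prefix="server.example.com")]            # known_hosts
print(*(describe_key(entry) for entry in SAMPLE), sep="\n")
```

The first and third sample lines carry the same constructed key, so they report the same fingerprint even though one is in id_rsa.pub form and the other in known_hosts form.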
