| | 1 | = Secure SHell (SSL) = |
| | 2 | |
| | 3 | In this lab we are using your host machine as the ssh client and your Ubuntu VM as the ssh server. Download following applications |
| | 4 | - PuTTY (the Telnet and SSH client itself) |
| | 5 | - PuTTYgen (an RSA and DSA key generation utility |
| | 6 | |
| | 7 | == Password Based Authentication == |
| | 8 | - Start PuTTY utility, by double-clicking on its .exe file. |
| | 9 | - In the Host Name field, enter the IP address/Hostname of ssh server |
| | 10 | |
| | 11 | |
| | 12 | - Click open. |
| | 13 | - It will ask for username followd by password. |
| | 14 | - Username apnic and password training |
| | 15 | - Logout/close this session. |
| | 16 | |
| | 17 | == Public Key Authentication == |
| | 18 | |
| | 19 | === Generating OpenSSH-compatible Keys for Use with PuTTY === |
| | 20 | To generate a set of RSA keys with PuTTYgen |
| | 21 | |
| | 22 | - Start the PuTTYgen utility, by double-clicking on its .exe file. |
| | 23 | - For Type of key to generate, select SSH-2 RSA. |
| | 24 | - In the Number of bits in a generated key field, specify either 2048 or 4096 (increasing the bits makes it |
| | 25 | harder to crack the key by brute-force methods). |
| | 26 | - Click the Generate button. |
| | 27 | - Move your mouse pointer around in the blank area of the Key section, below the progress bar (to |
| | 28 | generate some randomness) until the progress bar is full. |
| | 29 | - A private/ public key pair has now been generated. |
| | 30 | - In the Key comment field, enter your email address. |
| | 31 | - The Key passphrase field & re-type the same passphrase in the Confirm passphrase field.9. Click the Save private key button and save as private_key . |
| | 32 | - Right-click in the text field labeled Public key for pasting into OpenSSH authorized_keys file and |
| | 33 | choose Select All. |
| | 34 | - Right-click again in the same text field and choose Copy. |
| | 35 | - Open notepad; paste the public key and save it as txt file. |
| | 36 | |
| | 37 | === Save The Public Key On The Server === |
| | 38 | Now, you need to paste the copied public key in the file ~/.ssh/authorized_keys on your server. |
| | 39 | |
| | 40 | - Log in to your destination server using putty with username apnic |
| | 41 | - If your SSH folder does not yet exist, create it manually |
| | 42 | {{{ |
| | 43 | mkdir ~/.ssh |
| | 44 | chmod 0700 ~/.ssh |
| | 45 | touch ~/.ssh/authorized_keys |
| | 46 | chmod 0644 ~/.ssh/authorized_keys |
| | 47 | }}} |
| | 48 | - Paste the SSH public key into your ~/.ssh/authorized_keys file: |
| | 49 | {{{ |
| | 50 | sudo vi ~/.ssh/authorized_keys |
| | 51 | }}} |
| | 52 | - Tap the '''i''' key on your keyboard & right-click your mouse to paste. |
| | 53 | - To save, tap the following keys on your keyboard (in this order): '''Esc, :wq''' Enter. |
| | 54 | |
| | 55 | === Create a PuTTY Profile to Save Your Server’s Settings === |
| | 56 | In PuTTY, you can create (and save) profiles for connections to your various SSH servers, so you don't |
| | 57 | have to remember, and continually re-type, redundant information. |
| | 58 | - Start PuTTY by double-clicking its executable file. |
| | 59 | - PuTTY's initial window is the Session Category (navigate PuTTY's various categories, along the left- |
| | 60 | hand side of the window). |
| | 61 | - In the Host Name field, enter the IP address/Hostname of ssh server |
| | 62 | - Enter the port number in the Port field as 22 .5. Along the left-hand side of the window, select Connection > SSH > Auth |
| | 63 | - Browse your file system and select your previously-created private key. |
| | 64 | - Return to the Session Category and enter a name for this profile in the Saved Sessions field. |
| | 65 | - Click the Save button for the Load, Save or Delete a stored session area. |
| | 66 | Now you can go ahead and log in and you will not be prompted for a password. However, if you had set a |
| | 67 | passphrase on your public key, you will be asked to enter the passphrase at that time (and every time you |
| | 68 | log in, in the future). |
