Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com
Answertopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

Securing and Optimizing Linux: RedHat Edition -A Hands on Guide
PrevChapter 15. Software -SecuritiesNext

15.6. OpenSSH Per-User Configuration

  1. Create your private & public keys of local, by executing: 
              [root@deep] /#su admin
          [admin@deep /]$ssh-keygen
    The result should look like the following example: 
    
          
          Initializing random number generator...
          Generating p:  ............................++ (distance 430)
          Generating q:  ......................++ (distance 456)
          Computing the keys...
          Testing the keys...
          Key generation complete.
          Enter file in which to save the key (/home/admin/.ssh/identity): [Press Enter]
          Enter passphrase: 
          Enter the same passphrase again: 
          Your identification has been saved in /home/admin/.ssh/identity.
          Your public key is:
          1024 37 14937757511251955533691120318477293862290049394715136511145806108870001764378494676831297577843158532
          2723612061006231460440536487184367748423324091941848098890786099717524446977589647127757030728779973708569993
          017043141563536333068888944038178461608592483844590202154102756903055846534063365635584899765402181 
          
              [email protected]
          Your public key has been saved in /home/admin/.ssh/identity.pub

    Note: If you have multiple accounts you might want to create a separate key on each of them. You may want to have separate keys for:

    • Your Mail server

    • Your Web server

    • Your GW server

    This allows you to limit access between these servers, e.g. not allowing the Mail account to access your Web account or the machines in the GW. This enhances the overall security in the case any of your authentication keys are compromised for any reason.

  2. Copy your local public keys identity.pub to the /home/admin/.ssh directory remotely under the name, say, authorized_keys.

    Tip: One way to copy the file is to use the ftp command or you might need to send your public key in electronic mail to the administrator of the system. Just include the contents of the ~/.ssh/identity.pub file in the message.

You might feel the need to Change your pass-phrase for various reason and can do so at any time by using the -p option of ssh-keygen. To change the pass-phrase, use the command: 
          [root@deep] /#su admin
          [admin@deep /]$ssh-keygen -p
          

          Enter file key is in /home/admin/.ssh/identity: [Press ENTER]
          Enter old passphrase:
          Key has comment '[email protected]'
          Enter new passphrase:
          Enter the same passphrase again:
          Your identification has been saved with the new passphrase.

PrevHomeNext
Configure OpenSSH to use TCP-Wrappers/inetd super serverUpOpenSSH Users Tools
  
 
  Published under the terms of the Open Publication License Design by Interspire