Thursday, June 9, 2016

Secure Shell: authorized_keys: Placing the public key on the remote server

Commands:

$ ssh username@remote.servername.com
username@remote.servername.com's password:
Welcome to Ubuntu 16.04 LTS (GNU/Linux 4.4.0-22-generic x86_64)

 * Documentation:  https://help.ubuntu.com/
Last login: Tue May 17 21:41:16 2016 from 123.456.789.01


$ ls -al
合計 40
drwxr-xr-x 4 username username 4096  6月  9 21:04 .
drwxr-xr-x 3 root root 4096  5月 12 22:42 ..
-rw------- 1 username username 1770  5月 17 21:40 .bash_history
-rw-r--r-- 1 username username  220  5月 12 22:42 .bash_logout
-rw-r--r-- 1 username username 3771  5月 12 22:42 .bashrc
drwx------ 2 username username 4096  5月 12 22:50 .cache
drwxrwxr-x 2 username username 4096  5月 17 00:09 .nano
-rw-r--r-- 1 username username  675  5月 12 22:42 .profile
-rw-rw-r-- 1 username username   66  5月 17 00:09 .selected_editor
-rw-r--r-- 1 username username    0  5月 12 22:52 .sudo_as_admin_successful
-rw-r--r-- 1 username username  400  6月  9 21:04 id_rsa.pub


$ cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yd2EAAAADAQABAAABAQDNN6bT33VQ4CXWmFBx0H428yw/SHwARc91vc/Z/CExXrjUb3uhUaHb4EHCl7/pXpJgyyRr6dE5sl2FlE3jPWua2ooZ3uXof7NkiK2WMPVDpWZeKE2zxynEg5yPw41AtwyxI+Y15Hbt4WNEEhXsHunCu+ekGf3d3w67VCxGz8aA1Tbxe6zOs3e9VXNrgQW99ycD5xtXAXh8x5Jt+HhgAma5P7+gQ0rSMKSYsxKxr7TcR1k5yg9uC02u8NgqjuQDXoqLO9I+CGxv1rfFyl6n8fUlclPFgftJzYK9JuzHxEl3yMFSH/izSviYKp0MTph1dH3UWa5DiIAf8blDmZVkPCkT


$ mkdir .ssh
$ chmod 700 .ssh/
$ cat id_rsa.pub >> .ssh/authorized_keys
$ chmod 600 .ssh/authorized_keys
$ cd .ssh/


$ ls -al
合計 12
drwx------ 2 username username 4096  6月  9 21:36 .
drwxr-xr-x 5 username username 4096  6月  9 21:35 ..
-rw------- 1 username username  400  6月  9 21:36 authorized_keys


$ cat authorized_keys
ssh-rsa AAAAB3NzaC1yd2EAAAADAQABAAABAQDNN6bT33VQ4CXWmFBx0H428yw/SHwARc91vc/Z/CExXrjUb3uhUaHb4EHCl7/pXpJgyyRr6dE5sl2FlE3jPWua2ooZ3uXof7NkiK2WMPVDpWZeKE2zxynEg5yPw41AtwyxI+Y15Hbt4WNEEhXsHunCu+ekGf3d3w67VCxGz8aA1Tbxe6zOs3e9VXNrgQW99ycD5xtXAXh8x5Jt+HhgAma5P7+gQ0rSMKSYsxKxr7TcR1k5yg9uC02u8NgqjuQDXoqLO9I+CGxv1rfFyl6n8fUlclPFgftJzYK9JuzHxEl3yMFSH/izSviYKp0MTph1dH3UWa5DiIAf8blDmZVkPCkT


Man page (sshd):


~/.ssh/authorized_keys
Lists the public keys (DSA, ECDSA, Ed25519, RSA) that can be used for logging in as this user.  The format of this file is described above.  The content of the file is not highly sensitive, but the recommended permissions are read/write for the user, and not accessible by others. If this file, the ~/.ssh directory, or the user's home directory are writable by other users, then the file could be modified or replaced by unauthorized users.  In this case, sshd will not allow it to be used unless the StrictModes option has been set to “no”.