Setup SSH authentication with PEM RSA file without password on ubuntu/linux Raspberry Pi Server
Wall Script
Wall Script
Monday, April 26, 2021

Setup SSH authentication with PEM RSA file without password on ubuntu/linux Raspberry Pi Server

Recently I have been working with Raspberry PI and creating my own home server to host some of my demo projects. This post is about setting up SSH authentication with a PEM certificate file without password on ubuntu/linux server. Implement the following steps and improve the security.

Setup SSH login with pem RSA file without password on ubuntu/linux server


Step 1: Login to Ubuntu/Raspberry account
Stay with same user. 
ubuntu@ubuntu:/# 

Step 2: Generate RSA pem file
Give empty password.
ubuntu@ubuntu:/# ssh-keygen -m PEM


Key has comment 'ubutu@ubuntu'
Enter new passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved with the new passphrase.

root@ubuntu:/#

Step 3: Copy Public Key to Authorize_Keys
You have to include public key to system autorize_keys. 
ubuntu@ubuntu:/#cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys

Step 4: Open RSA private key Copy this PEM file and store it in your local system.
$cat ~/.ssh/id_rsa
-----BEGIN RSA PRIVATE KEY-----
Mxyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyK
Mxyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyK
Mxyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyz9xyK
NmyVmUKFzZuuq9Dm1I/AVE7hRfIa2Ks5CPumpKDG6wcmRMhbe7jZZKMqAudVKecq
VeM1ub6G5j75jm18lkODDK9ISxGdyiOJoTkx1QDq1syOlWFIFHhrzlL4SI+ipo76
....
....
....
-----END RSA PRIVATE KEY-----


Step 5: Restart SSH service
sudo service ssh restart

Step 6: Create a key.pem file Use system editor and copy Step: 3 certificate and paste here. Use ESC Key + wq! command to save the file.
$vi mykey.pem

Step 7: Give owner has full read and write access to the file
Use the following command for linux or macOS. Windows connect using Putty and create ppk file.
$sudo chmod 600 mykey.pem

Step 8: Connect your Ubuntu/Linux server
User:~/Keys$ ssh ubuntu@IP_ADDRESS
ubuntu@IP_ADDRESS's password:*****
Linux ubuntu 21+ #1399 SMP Thu Jan 28 12:09:48 GMT 2021 armv7l

ubuntu@ubuntu:~ $ exit
logout
Connection to IP_ADDRESS closed.

Step 9: Disable Password Authentication
$sudo vi /etc/ssh/sshd_config
or
// Ubuntu
$sudo vi /etc/ssh/sshd_config.d/50-cloud-init.conf

Update PasswordAuthentication from “yes” to “no” as below:

PasswordAuthentication no

Step 10: Restart Linux Server
$sudo reboot

Step 11: Now you will get permission denied
User:~/Keys$ ssh ubuntu@IP_ADDRESS
ubuntu@IP_ADDRESS: Permission denied (publickey).

Step 12: Now you can authenticate with PEM file
User:~/Keys$ ssh -i mykey.pem ubuntu@IP_ADDRESS
Linux ubuntu 21+ #1399 SMP Thu Jan 28 12:09:48 GMT 2021 armv7l
Build info: Fri Nov 20 09:43:06 UTC 2020 @
Last login: Tue Mar 9 00:23:49 2021 from 192.168.1.73
ubuntu@ubuntu:~ $ 
web notification

4 comments:

mailxengine Youtueb channel
Make in India
X