LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 03-20-2010, 01:09 PM   #1
saagar
Member
 
Registered: Jul 2008
Location: Chennai, India
Distribution: RHEL5, Ubuntu
Posts: 191

Rep: Reputation: 36
Query related to ssh private-public key authentication


Hi Friends,
I have been instructed to work on a remote server via ssh for which a key has been sent to me via email. It was actually a private key. So, I copied that key from the email and put it to my desktop in the name "ssh-key." As per the instruction, following is the ssh command to log in to the remote server :

ssh root@<remoteServerName> -i /home/saagar/Desktop/ssh-key

where ssh-key is the file with the content i copied from email. I can succesfully log in to the server.

My question is how this private key method of authentication works..??

I am aware and also used to the conventional method of putting our public key in the authorized_keys list of the remote server's .ssh directory, but not this way. I tried to google, but in vain.
I tried to simulate this in my lan but still it asks for a password....

please help..

Last edited by saagar; 03-20-2010 at 01:12 PM.
 
Old 03-20-2010, 07:05 PM   #2
neonsignal
Senior Member
 
Registered: Jan 2005
Location: Melbourne, Australia
Distribution: Debian Wheezy (Fluxbox WM)
Posts: 1,364
Blog Entries: 52

Rep: Reputation: 354Reputation: 354Reputation: 354Reputation: 354
It works the same as adding your public key to the remote server.

What they have done is to generate a private key for you, and they have the public key twin of this key in their authorized keys. So when you log in, you are using a different private key from your normal one (using the '-i' flag). It is still a private key, and should be protected appropriately, eg by removing read permissions from group/other (and not sending it by email!).

Last edited by neonsignal; 03-20-2010 at 08:53 PM.
 
1 members found this post helpful.
Old 03-20-2010, 08:45 PM   #3
saagar
Member
 
Registered: Jul 2008
Location: Chennai, India
Distribution: RHEL5, Ubuntu
Posts: 191

Original Poster
Rep: Reputation: 36
neonsignal,
Thats great. Got a very clear idea. thanks a lot. I was googling for about 2 hours in vain. so happy to be a part of linuxquestions.
 
Old 03-23-2010, 11:59 AM   #4
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,395
Blog Entries: 2

Rep: Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903
And now, you will have no way to generate a private-public key pair for yourself to use passwordless public-key logins to any other host. The usual way to accomplish what you want is to generate the key pair at the client end, and then distribute the public key to multiple hosts.

--- rod.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Private/Public key vs. Password authentication w/ SSH MykeV Linux - Security 5 11-25-2007 12:49 PM
need help with SSH private/public key taduser Linux - Security 2 04-02-2007 08:07 PM
SSH public / private key authentication problems thronh Linux - Security 7 06-14-2006 12:21 PM
SSH public/private key authentication with GnuPG keys? thinksincode Linux - Security 1 02-25-2005 03:33 PM
public/private key authentication with PuTTY NetAX Linux - Security 5 10-27-2004 07:00 PM


All times are GMT -5. The time now is 02:46 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration