How to secure your server with private key login authentication. (As like AWS EC2)

ByAnand October 25, 2020January 25, 2022

If you already using EC2 instances on AWS then you aware of how to access the EC2 machine. Whenever you create a new instance on AWS you need to create a new key (or use an existing old key) to login to your server through SSH.

This private key has a .pem extension, with this private key you can log in to your remote server without any password. So If anyone wants to access your server they should have this private key. You can also implement the same secure connection on your own Linux servers or VMs.

Before generating keys you need change some settings on /etc/ssh/sshd_config file. Open file make sure these two lines are configured as showing below.

[linoide@linoide ~]$ sudo vim /etc/ssh/sshd_config
PasswordAuthentication no
PubkeyAuthentication yes

Warning: If you don’t have physical access of your remote server then don’t logout before completing this full process. Because you are disabled login with password authentication as NO. You can’t access your server using ssh if you logged out before completing ssh key process.

Now run “su” on remote server with the user in which you want to generate private key.

Step 1: Generate SSH key on server using below command.

# ssh-keygen -t rsa

It will prompt for key location and passphrase. If you want change them you can or else keep as default.

Step 2: Now copy generated public key to authorized_keys list.

# cat /home/linoide/.ssh/id_rsa.pub >> /home/linoide/.ssh/authorized_keys

Step 3: Set permissions for the files

# chmod 644 /home/anand/.ssh/authorized_keys

Step 4: Now you have to download private key to your local machine. Before that, rename your file as “filename.pem” format.

# scp -r /home/linoide/.ssh/linoide.pem root@<yourserver-ip>:/root/

Step 6: Now login with private key to remote server without password.

You can see in the above image that linoide host logged in from localhost without asking any password.

Suggestions: If you want more secure your connection then you can also change the default port(22) of SSH to any custom port.

How to login with private key using PUTTY.

What if you need to login your remote server from windows server!!

We all use well known PUTTY tool for that. Here we will discuss how to login with private key using PUTTY.

Open PuTTY Key Generator on windows and upload your private .pem file.

Open putty key generator >> Load >> choose file

After file upload, a pop-up will come on display as shown in the below image.

Now download private key by clicking on “save private key”.

Now you are ready to login your host using private key on via PuTTY. Open putty and provide user name and host details.

Extract “SSH” on the left side bar and click on “Auth”

Upload your private key which we generated by PuTTY key generator. And click on “Open” button.

That’s it!!

1,941

CentOS | Linux | Ubuntu

SSH Password-less authentication in easy steps.

ByAnand October 24, 2020January 25, 2022

SSH Password-less authentication is very useful when you are automating tasks between your all remote servers. If you want to run any script or use SCP multiple times then this option will be very useful for you. Once this is implemented that you will never ask a password to login into that particular server. Of…

Linux

Linux Interview Questions.

ByAnand November 1, 2020January 25, 2022

It is not that easy to predict interview questions. Because it all depends on the company’s requirement and also on the panel’s expertise levels. But there are some common questions that most of the time interviewers ask to know your knowledge on Linux Administration. Here I am sharing some top 10 questions which may help…

Linux | Nagios | Ubuntu

How to install Nagios-Plugins in Ubuntu

ByAnand October 20, 2020January 25, 2022

Nagios plugins are like extensions to monitor remote hosts with Nagios core. Let see the installation process for it. Before installing Nagios plugins you should already install and configured Nagios core in your server. How to install Nagios core in ubuntu. Step 1: First, install the require packages using apt # apt install libmcrypt-dev make…

CentOS | Linux

How to protect your server from SSH Brute Force with “Fail2ban”

ByAnand December 7, 2020January 25, 2022

Fail2ban is an open-source tool to prevent servers from brute force attacks. This tool will scan server log files and if found any suspicious attempts then it will block the particular IP for a specific time. Fail2ban also works to prevent dos or DDoS attacks, malicious traffic attacks on websites etc. Depending on the configuration…

Linux

LVM: How to increase SWAP size with Lvextend command

ByAnand October 16, 2020January 25, 2022

LVM: Logical Volume Group, It helps to extend the existing filesystem. To extend the filesystem, free space should available in the Volume group. If free space is not available then you need to add a new PV(physical volume) and then create a new Volume Group (VG). Now let’s see how to extend using ‘lvextend’ Step:1 Type…

CentOS | Linux | Nagios | Ubuntu

How to add windows client to Nagios monitoring.

ByAnand October 24, 2020January 25, 2022

In the previous article, we discussed how to configure linux client host into the Nagios server. This article shows you how to configure windows client with Nagios server. Before configuring the Windows client, will have to look into nagios configuration file once. Because the windows configuration file windows.cfg is by default disabled by nagios configuration….

Similar Posts