Acceso por SSH mediante claves

Si no deseas introducir tu usuario y contraseña cada vez que entras por SSH a un servidor, puedes utilizar una clave privada. Vamos a ver cómo se hace, paso a paso:

En el servidor y usuario donde queremos entrar, generamos una nueva clave pública y privada:

-bash-4.1$ ssh-keygen -t rsa -b 2048 -v
Generating public/private rsa key pair.
Enter file in which to save the key (/root/home/hpddpers/.ssh/id_rsa):
/root/home/hpddpers/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/home/hpddpers/.ssh/id_rsa.
Your public key has been saved in /root/home/hpddpers/.ssh/id_rsa.pub.
The key fingerprint is:
35:cb:b3:3b:8b:dd:b3:88:74:63:c2:5b:a8:c6:77:05 [email protected]
The key’s randomart image is:
+–[ RSA 2048]—-+
| |
| |
| o |
| oEo |
| S +. |
| . . o. |
| . = *. |
| oo.Xo=. |
| …+.=ooo |
+—————–+
-bash-4.1$

Como vemos, se han generados los dos ficheros:

-bash-4.1$ ls -la
total 20
drwx——. 2 hpddpers uxsup3 4096 May 7 14:54 .
drwx——. 3 hpddpers uxsup3 4096 Nov 27 2013 ..
-rw——-. 1 hpddpers uxsup3 1593 May 7 14:54 authorized_keys
-rw——-. 1 hpddpers uxsup3 1675 May 7 14:53 id_rsa
-rw-r–r–. 1 hpddpers uxsup3 399 May 7 14:53 id_rsa.pub
-bash-4.1$

  • El contenido del fichero id_rsa.pub lo añado al final del fichero authorized_keys.
  • El fichero id_rsa lo copio al servidor desde donde quiero establecer la conexión SSH y lo renombro como id_rsa_lwctdmt1.pem.
  • A continuación, establezco la conexión SSH utilizando mi fichero de clave privada:

$ ssh -i id_rsa_lwctdmt1.pem lwctdmt1.7236.1286.ecs.hp.com
+———————————————————————+
| |
| Use of this network is restricted to authorized users only. User |
| activity may be monitored and/or recorded. Anyone using this |
| network expressly consents to such monitoring and/or recording. |
| |
| BE ADVISED: if possible criminal activity is detected, these |
| records, along with certain personal information, may be provided |
| to law enforcement officials. |
| |
+———————————————————————+

Last login: Mon May 7 14:59:08 2018 from 155.61.254.23
+———————————————————————+
| |
| Use of this network is restricted to authorized users only. User |
| activity may be monitored and/or recorded. Anyone using this |
| network expressly consents to such monitoring and/or recording. |
| |
| BE ADVISED: if possible criminal activity is detected, these |
| records, along with certain personal information, may be provided |
| to law enforcement officials. |
| |
+———————————————————————+

-bash-4.1$ hostname
lwctdmt1
-bash-4.1$

¿Te ha gustado? ¡Compártelo!

Share on facebook
Share on twitter
Share on linkedin
Share on whatsapp
Share on telegram
Share on email

SUSCRÍBETE A PUERTO53

Recibe un email periódico con los artículos más interesantes de Puerto53.com

Antes de suscribirte lee los términos y condiciones. Gracias.

Contenido Relacionado

Artículos Recientes

Deja un comentario

About Author