If you don't already have an RSA Key Pair, open Terminal on your local Mac and run this command.
$ ssh-keygen
Generating public/private rsa key pair. Enter file in which to save the key (/cg1/.ssh/id_rsa):
Press Enter to save in the .ssh directory. If you previously had a key, it will be overwritten, and any servers using the old key will no longer be able to authenticate.
Enter passphrase (empty for no passphrase):
Your identification has been saved in /Users/cg1/.ssh/id_rsa.
Your public key has been saved in /Users/cg1/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256: cg1@
The key's randomart image is:
+---[RSA 2048]----+
| .+..o+.o.. |
|. +. +. .o. |
|.. .. o. ..=oo |
|Eo . . .. +.+ |
| .o. oS . . |
| ....o... . . |
|.o ...+. o |
| .* +.. |
| ..= . |
+----[SHA256]-----+
2. Copy the public key to the server
$ ssh-copy-id username@remote_host
Enter your password for your account on the remote server.
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/cg1/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
cg1@10.6.0.25's password:
Number of key(s) added: 1
3. Configure SecureCRT to use the Public Key
Add a new session, enter Hostname and Username, and deselect all options except for PublicKey.
Click Properties and select the public key file.
When you connect for the first time, you will need to enter the passphrase you created when generating the RSA Key Pair.
Disable password authentication
Once the public key is working, disable password authentication on the server.
sudo vi /etc/ssh/sshd_config
Change PasswordAuthentication to no and save the file.
Restart the SSH service.
sudo systemctl restart sshd.service
Comments
Post a Comment