Home > Notes > Using SSL to improve the security of SSH login

Using SSL to improve the security of SSH login

Sat, 11 Aug 2012 22:55:46 +0800
I can find out many alerts from system log that there're somebody attempt to try the password of server's root user in the past few months. Therefore, use the SSL certification in SSH is neccessary.

1. Generate the RSA Public Key and Private Key
ssh-keygen -t rsa

then to generate the RSA Pair Key(Public & Private)

2. Rename the Public Key.
SSH use the Public Key File named authorized_keys(in sshd_config), so,
mv id_rsa.pub authorized_keys
or configured in sshd_config

3. sshd_config
Protocol 2
ServerKeyBits 1024

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

PasswordAuthentication no
PermitEmptyPasswords no

4. Restart SSH Service

5. Dwnload the Private Key
Download the Private Key to local and delete it.

6. Putty Client.
   1) Transform the SSH Private Key into Putty(ppk)
       use puttygen to rebuild the local private key.

   2) Configure the Session use SSL certification.
Recent Post
Recent Comments
Copyright Notes
You can reship all of these articles without permission but MUST mark the original link in your post. Please contact with me() if u have advice or other arrangements.
Copyright©2007-2011 lewphee.com All rights reserved.