In this post I am going to show you how to configure SSH key based authentication on rhel7/centos7. Configuration of SSH key based authentication is little different in rhel7 compared to traditional method of manually copying public key to another server. Users can login using ssh with password and authenticate using public key authentication.
On every server we have two keys private and public. Private key is used as authentication credentials like password which must be kept secret and secure. Public key we need to copy on the server where user want to login and used to verify private key so public key does not need to be secret.
How authentication happens in SSH key key based authentication. SSH server that has public key can issue a challenge that can only be answered by system who is holding private key as a result user can authenticate without password only with the help of public key and system grant login access to the user.
Use ssh-keygen command to generate private and public key as follows
Keys are created by default in user’s .ssh folder. We can provide passphrase during creation of key but that passphrase we have to provide whenever ssh authentication happens so I kept it blank. Keys id_rsa.pub is public key and id_rsa is private key.
To configure passwordless SSH authentication we have to copy id_rsa.pub file to another server. ssh-copy-id is a new command in rhel7 which will by default copy id_rsa.pub key file to another server’s authorized_keys file.
I have created private/public key on rhel1 server and copying public key on rhel2 server.
thats it no need to mention public key name or path to the copy command it automatically take public key for user vish and copied to another rhel2.
When I checked on another server automatically authorized_keys file created if not present already and contains copied public key of user vish from rhel1.
Now just check if you can access another server (rhel2) without password.
Done. Now you can login/access another server (rhel2) without password using public key.