What is SSH keys
SSH keys serve as a means of identifying yourself to an SSH server using public-key cryptography and challenge-response authentication. One immediate advantage this method has over traditional password authentication is that you can be authenticated by the server without ever having to send your password over the network. Anyone eavesdropping on your connection will not be able to intercept and crack your password because it is never actually transmitted. Additionally, using SSH keys for authentication virtually eliminates the risk posed by brute-force password attacks by drastically reducing the chances of the attacker correctly guessing the proper credentials.
Read more at: https://wiki.archlinux.org/index.php/SSH_keys
What is Putty
PuTTY is a free and open-source terminal emulator, serial console and network file transfer application. It supports several network protocols, including SCP, SSH, Telnet, rlogin, and raw socket connection. It can also connect to a serial port(since version 0.59). The name "PuTTY" has no definitive meaning.
Read more at: https://en.wikipedia.org/wiki/PuTTY
How to set up SSH keys
While it is possible to manage your servers using password-based logins, it is often a better idea to set up and utilize SSH key pairs. SSH keys are more secure than passwords, and can help you log in without having to remember long passwords.
For Windows users, a piece of software called PuTTY is typically used to create SSH sessions which allow you to connect to your server. This same suite of programs can be used to generate SSH keys and remember which keys should be used to connect with your servers.
How SSH Key Pairs Work
SSH key pairs are used as an authentication method by creating two related keys.
The first key is called a private key. The private key is a secret key that is owned and kept safe by the user who creates it. It is used to identify you and is kind of like the wax seals that used to be used to seal letters. It can be used to prove that a connection is legitimately coming from you.
You should not let anyone have your private key, because the other person could then masquerade as you and log into any accounts you have configured with your key. If you need to share access, there are better ways.
The other key is called the public key. This key is veritably associated with your private key. The difference is that you can freely share this key with anyone around the internet.
The only thing that someone else can do with this key is allow you to log into their machine. This is what we will be configuring in this guide, by creating our new servers with our public key already included.
You can download it here :
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
0 comments:
Post a Comment