Configuring SSH Certificates for Secure Login

LinuxLinuxBeginner
Practice Now

Introduction

In this project, you will learn how to configure an SSH certificate for the labex user, so that the labex user does not need to enter a password when SSH logging into the local experimental environment.

👀 Preview

## No password required to log into localhost
$ ssh labex@localhost
labex:project/ $ ssh labex@localhost
Welcome to Ubuntu 22.04.3 LTS (GNU/Linux 5.4.0-162-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage
Last login: Wed Jan 17 21:00:55 2024 from 47.251.57.20
## Log in directly to enter a new shell
labex:~/ $ ls
Code  Desktop  golang  project

ðŸŽŊ Tasks

In this project, you will learn:

  • How to create a .ssh directory in the labex user's home directory
  • How to generate a new SSH key pair
  • How to add the newly generated public key to the authorized_keys file
  • How to restart the SSH service after configuring the SSH certificate
  • How to test the SSH connection without a password

🏆 Achievements

After completing this project, you will be able to:

  • Securely log in to the local experimental environment using SSH certificates
  • Manage the SSH configuration for the labex user
  • Understand the importance of using SSH certificates for secure access to servers

Skills Graph

%%%%{init: {'theme':'neutral'}}%%%% flowchart RL linux(("`Linux`")) -.-> linux/BasicSystemCommandsGroup(["`Basic System Commands`"]) linux(("`Linux`")) -.-> linux/RemoteAccessandNetworkingGroup(["`Remote Access and Networking`"]) linux/BasicSystemCommandsGroup -.-> linux/man("`Manual Access`") linux/RemoteAccessandNetworkingGroup -.-> linux/ssh("`Secure Connecting`") subgraph Lab Skills linux/man -.-> lab-301461{{"`Configuring SSH Certificates for Secure Login`"}} linux/ssh -.-> lab-301461{{"`Configuring SSH Certificates for Secure Login`"}} end

Create SSH Directory and Generate SSH Key Pair

In this step, you will learn how to create a .ssh directory in the labex user's home directory and generate a new SSH key pair.

  1. Open a terminal and log in as the labex user:

    sudo su - labex
  2. Create the .ssh directory:

    mkdir -p ~/.ssh
  3. Generate a new SSH key pair:

    ssh-keygen -t rsa -b 4096 -C "labex@localhost"

    When prompted, press Enter to accept the default file location and leave the passphrase empty.

Add Public Key to authorized_keys

In this step, you will learn how to add the newly generated public key to the authorized_keys file.

  1. Append the public key to the authorized_keys file:

    cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
  2. Set the correct permissions for the authorized_keys file:

    chmod 600 ~/.ssh/authorized_keys
  3. Restart the SSH service:

    sudo service ssh restart

Test the SSH Connection

In this step, you will learn how to test the SSH connection without a password.

  1. Try to log in to the local experimental environment using the labex user:

    ssh labex@localhost

    You should now be able to log in without a password.

  2. Once logged in, you can explore the labex user's home directory:

    ls

    You should see the Code, Desktop, golang, and project directories.

âœĻ Check Solution and Practice

Summary

Congratulations! You have completed this project. You can practice more labs in LabEx to improve your skills.

Other Linux Tutorials you may like