Public Key Encryption Using SSH

Let’s look at what SSH means and why it’s one of the necessities towards securing communication between two remote machines. SSH, commonly known as Secure Socket Shell, is a network protocol that allow users a proper and secure communication mechanism with a remote computer over an unsecured network. One of its core functionalities include providing a secure channel- by authenticating and encrypting the channels between two computers that are usually connected over an open network.

In this article we will be looking as to how we can set up SSH in Linux and demonstrate a process of generating keys and implementing Public Key Encryption.

NOTE: ALL OF THIS IS PERFORMED IN CLIENT SIDE. YOU ONLY NEED TO COPY PUBLIC KEY TO THE SERVER USING ssh-copy-id

Let’s get started by installing ssh in our Linux distribution

sudo apt-get install ssh

And now the fun begins. Once installation is complete, we start ssh.

sudo service ssh start

ssh supports various key generation algorithms like RSA, ECDSA, DSA, . For this tutorial we will be using RSA method. In order to generate key we use

ssh-keygen -t rsa //ssh-keygen also generates rsa as its the default method

First, you will need to enter the path as suggested which you would need to save in .ssh directory.

Now, you will be prompted to enter a passphrase. Remember, it as you will need it to login to the server. Two types of keys are generated after a complete execution of the command. One is public key(which will be named as server.pub in this case as we have provided server as file name. Refer to the image above) and as the name suggests, this key is the one you will be handing the computer where you would want to log in. Another is a private key(named as server), which should be kept with you and only you(or your computer in this case). Combination of public key and private key will be used for authenticating your passphrase.

We then have to give the server our public key. We can copy our public key to the server directly using

ssh-copy-id server@server-ip-address

Note: For some reason, there may be an issue using this command. One of the general reasons is that server may not have .ssh directory in its home path. If the command doesn’t execute, you should manually create .ssh directory in by logging in to server.

You should now be able to login to server using passphrase you assigned while generating key.

ssh server@server-ip-address

Leave a Reply

Your email address will not be published. Required fields are marked *