SSH

[encrypted communication between server and client]

Installing ssh:
#sudo apt-get install ssh
#sudo ssh <serverhostname> : To log in to the remote machine

Installing ssh-server:
#sudo apt-get install openssh-server

To avoid using passwords:
#ssh-keygen : To create a lock (id_rsa.pub) and the key (id_rsa)
The lock has to be added among the other locks, i.e. append the contents of the new id_rsa.pub to the ~/.ssh/authorized_keys file on the remote machine.

Note: There will be 2 files inside the ~/.ssh/ dir: authorized_keys and known_hosts. known_hosts is the file where each new remote machine’s fingerprint is added.

Download the key (id_rsa) to the desired location and change its ownership. SSH without a password is then possible.
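The append step above, as an added example that is not part of the original post: a shell function that adds a public key to authorized_keys only once, refuses a private key file, and sets the 700/600 permissions that sshd checks when StrictModes is on. The function name install_pubkey, the temporary paths and the key string are assumptions made for this example; the key is constructed and not a real key.

```shell
#!/bin/sh
# install_pubkey PUBKEY_FILE [SSH_DIR]   (SSH_DIR defaults to ~/.ssh)
# Hypothetical helper: appends the "lock" (public key) to authorized_keys.
install_pubkey() {
    pub=$1
    dir=${2:-"$HOME/.ssh"}
    auth="$dir/authorized_keys"

    # Only the .pub half belongs in authorized_keys; stop if handed id_rsa.
    if grep -q 'PRIVATE KEY' "$pub" 2>/dev/null; then
        echo "refusing: $pub looks like a private key" >&2
        return 1
    fi

    # A public key line is "<type> <base64 data> [comment]".
    line=$(head -n 1 "$pub" 2>/dev/null)
    type=$(printf '%s\n' "$line" | awk '{print $1}')
    blob=$(printf '%s\n' "$line" | awk '{print $2}')
    case $type in
        ssh-rsa|ssh-ed25519|ecdsa-sha2-*) ;;
        *) echo "refusing: unrecognised key type '$type'" >&2; return 1 ;;
    esac
    [ -n "$blob" ] || { echo "refusing: no key data in $pub" >&2; return 1; }

    # sshd ignores authorized_keys when the directory or file is writable
    # by other users (StrictModes), so fix the modes before appending.
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # Match on type + key data so a changed comment, or options placed in
    # front of the key, does not produce a duplicate entry.
    if grep -qF -- "$type $blob" "$auth"; then
        echo "already present"
    else
        printf '%s\n' "$line" >> "$auth"
        echo "added"
    fi
}

# Demo in a throwaway directory with a constructed (not real) public key.
demo=$(mktemp -d)
printf '%s\n' 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedExampleKeyNotReal john@laptop' > "$demo/id_demo.pub"
install_pubkey "$demo/id_demo.pub" "$demo/.ssh"   # prints: added
install_pubkey "$demo/id_demo.pub" "$demo/.ssh"   # prints: already present
rm -rf "$demo"
```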

1: John types ssh 10.10.0.1
2: 10.10.0.1 sends its public key to John
3: John’s computer sees that this key is not in the trusted list
4: John elects to trust the key
5: John’s computer uses the server’s public key to encrypt user name, password (his login for the server – this has nothing to do with SSH encryption). Also, John’s computer includes John’s public key with this transmission (although there is really no need to encrypt public keys)
6: The server receives the packet sent by John, and uses its own private key to decrypt the information.
7: The server then uses John’s public key to encrypt the successful login message, and sends this to John.
8: John’s computer uses John’s private key to decrypt the message sent by the server.
9: John sees the “Login Successful” message on his screen.

Alestic – Upload personal SSH keys to an EC2 instance.

Alestic – Retrieve public key of an EC2 instance.
