Saturday, April 30, 2016


See here first if network has issues

Without password

  1. Client save its public key to remote ssh server.
  2. When ssh login, remote ssh server send client a random string.
  3. Client use its private key to encrypt this random string.
  4. Client send ssh server the encrypted string.
  5. SSH server use saved public key to decrypt.
  6. If decrypt succeed, ssh server allow client to login, without password.

ssh client

Generate key
ssh-keygen -t rsa
generated public and private key will be in ~/.ssh
private key file: id_rsa
public key file:

copy the public key to target ssh-server
ssh-copy-id user1@
this command will copy the public key from client to ssh server, saved in ~/.ssh/authorized_keys

keep public key and private key in ssh-client side

ssh server

Check if SSH is running
sudo netstat -anp | grep sshd
If nothing on port 22, means ssh-server is not running, install ssh-server or start it.

check firewall(iptables which is ufw), make sure ssh can go through

No comments:

Post a Comment