SSH is a network protocol of session layer that allows for a remote control of operating system and TCP-connection tunneling (e.g. in the cases of files exchange).
SSH, also, provides for safe transfer of practically any other network protocol in the unprotected environment.
Very often, for the purpose of managing, when one has to log into a particular computer (or server) the latter generates a password request. In a situation when the logging needs to be performed often, entering the same thing over and over again is quite annoying. And what if you have to access many servers and each of them asks for a unique password?
SSH protocol makes it possible to log into a remote server without entering password (it comes handy, e.g., in the cases of reserve copying and file publication, etc.).
Needless to say that it only takes the above to handle the password issue, for the public key user identification serves for that purpose, too, (the key that will serve as any the user identifier to be recognized by the remote computer).
1. First a web developer has to create a pair of keys - public and private - for the specific user on the client computer.
It's done with the help of utility ssh-keygen.
$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/user/.ssh/id_rsa): # Путь где будет сохранен наш ключ <Enter> Created directory '/home/user/.ssh'. Enter passphrase (empty for no passphrase): # Пароль для защиты ключа, если пусто - без пароля Enter same passphrase again: Your identification has been saved in /home/user/.ssh/id_rsa. Your public key has been saved in /home/user/.ssh/id_rsa.pub. The key fingerprint is: 63:4b:1c:ea:30:f3:d5:c8:3c:77:73:ea:bb:9c:6f:64 [email protected] The key's randomart image is: +--[ RSA 2048]----+ | . | | = + | | + . S o o | | * + = . +E | | o . .o | | o | | *=. | +-----------------+
To have the key generated, we have used a cryptographic algorithm RSA
The two keys will appear in: id_rsa and id_rsa.pubIn home directory in subcategory .ssh
2. Then we have to copy our open key (id_rsa.pub) on the server, and we'll do the next command for that
$ ssh-copy-id [email protected]
or else, we just copy-paste our public key file into the same server the following way
$ scp ~/.ssh/id_rsa.pub [email protected]:/home/username/.ssh/authorized_keys_user
After that, we can log into the remote computer without entering a password.
$ ssh [email protected]
But sometimes, when the server access port happens to have been changed, the situation gets no more standard. For such cases we need to make use of the key - p XXXX where XXXX is access port to server.