Set Up SSH Keys on CentOS 8
1. Create the RSA Key Pair
If you don't already have an RSA Key Pair, open Terminal on your local Mac and run this command.
$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/cg1/.ssh/id_rsa):Press Enter to save in the .ssh directory. If you previously had a key, it will be overwritten, and any servers using the old key will no longer be able to authenticate.
Enter passphrase (empty for no passphrase):Enter a password and press Enter. The following output is displayed.
Your identification has been saved in /Users/cg1/.ssh/id_rsa.
Your public key has been saved in /Users/cg1/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256: cg1@
The key's randomart image is:
+---[RSA 2048]----+
| .+..o+.o.. |
|. +. +. .o. |
|.. .. o. ..=oo |
|Eo . . .. +.+ |
| .o. oS . . |
| ....o... . . |
|.o ...+. o |
| .* +.. |
| ..= . |
+----[SHA256]-----+2. Copy the public key to the server
$ ssh-copy-id username@remote_hostEnter your password for the remote server account.
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/cg1/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password:
Number of key(s) added: 13. Configure SecureCRT to use the Public KeyAdd a new session, enter Hostname and Username, and deselect all options except for PublicKey.
Click Properties and select the public key file.
When you connect for the first time, you will need to enter the passphrase you created when generating the RSA Key Pair.
Disable password authentication
Once the public key is working, disable password authentication on the server.
sudo vi /etc/ssh/sshd_configChange PasswordAuthentication to no and save the file.
Restart the SSH service.
sudo systemctl restart sshd.service
