GENERATING A PAIR OF SSH KEYS (PUBLIC/PRIVATE)
- Layout for this exercise:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUrTJHD6TGPe_IY9waJXzrj8UWlgCxHf7aVjdAq_z3vFyytPOJvq0lXxRrIl-BNcYrBP3RSWsegXWHtQFbk_ymYjfOCnp4jhevjBZmJOnE-lCBXIicTj8ibkH9eU1MnE2F-vM_BjMbY7lq/s1600/debian.jpg)
- Public key cryptography or asymmetrical cryptography is a cryptographic system that uses a pair of keys.
- Public keys may be disseminated widely, and private keys are known only to the owner.
- This accomplishes two functions: authentication, which is when the public key is used to verify that a holder of the paired private key sent the message, and encryption, whereby only the holder of the paired private key can decrypt the message encrypted with the public key:
https://en.wikipedia.org/wiki/Public-key_cryptography
- Generating a pair of keys (private and public) according to the RSA asymmetric cryptographic algorithm. Notice that a passphrase is optionally asked for:
https://en.wikipedia.org/wiki/RSA_(cryptosystem)
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKIpUTCnVj_HShzQhYMR7_S1diQ82nfOtpvO6lOyNNkw7RkOO62p7PTel9oSMrXa99A_mAIGmPsydO5eCmbJAyzf5nPIfV3W3IeQluhdlVR-IJfePoMAaJXTsU8fomPjGKfsMOVBuA8pIH/s1600/screenshot.1.jpg)
- The two keys are stored into the folder .ssh:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHadQ9VbK7hhuki4-xNdWlaiBDskXGpklWwM39D8X55oCxozGa4_Ht2bMdmV6aD55ksfILlRhSIqWMepx4bVljoBiXhxNOPlzLeh_wxuWimL1QHSZwIohvCUv8vz4QiKRbrjSRJJB2s0_W/s400/screenshot.2.jpg)
- The private key:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjR2gDMFRJTt9meWKKWFtJFFzX5yUAXZgBI9Q0jQ1ELZ72QzL1roVwe6WWS_I181o2vGSnq_mF0ge6uq3I2G0mIYOhzecs3tUsqAJ9UtBmp-QoFikUkKTnOYKoU56Fmorw1K7KxAcWsWLxV/s1600/screenshot.3.jpg)
- The public key:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcxj7a4aeWhY9GGWx9Ax4meW8dgL6l1Q0N8EEEfhwilz-7-A9sfBrL_3nKwP37aFXJyHgMhxByOIA9RWmH1Mg9QZ-SEC7EawKhNs1dinU7oaJKJEdz9TmGQHYYSnSgWuv3pEMUd-fWWj4P/s1600/screenshot.4.jpg)
- Checking the IP:
- Copying the public key so that locally available keys are used to authorize logins on remote machines:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFYB38ZbiQkr7krozrJ_2UG1q8_tWilTk_bFvxcT7vYQnQOjl7CA3BYA9ZCFEmGrrneHWwL3E836utBFLjBiRVJI_-0zb_X-6bJw94DfGmSkC8iekEarzLd0QHPvi4gA1etPcQkDKpSHW_/s1600/screenshot.5.jpg)
- Trying the SSH connection:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPf5kyx_9jreomxOABGuu2DK6IInr0d1cJlLKUuM7YMp69QPhL4pY51pD_NIn27VJ9KtQMhZIMKDhYnMmaExlIjyZOxEpkiP4qArKeRPGlwkpQ_5OSAtWdEVXpRJdA6ttfSQzcVu0ibf-o/s1600/screenshot.17.jpg)
- The passphrase is required to unlock the private key:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_kvZT5C5IRWYLLfsNQhHByJC-h_rlxZQrA0N2QmbEtTBKiR5oCF1o9uVJrSk3-pICeS51Yp_FEPQaXgdmpVwl-TMOoU-X7_nVpOkpkll8kidDuMDISrhTxyeyVNyVQ7YiCu2Pv4R-NO_0/s1600/screenshot.27.jpg)
- Entering the passphrase (without password !!) the SSH connection is successful:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2aOB_PjiHXQLge9z2ouENSjtJHLLqatLi1YKyg64dUKRPhCKsHwz5082VoU6X00uh0wG6nC4PwDowTkze6cSaHm3lY9IOk44JW2o6UHtg-4qSBujBVYa5Strg1laeQgCAd4gLA3yIb8o_/s400/screenshot.32.jpg)
- Let's see that the public key was actually added:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiubcTy3Q9P2LRQIBBVUDsEkRWBwdImhjHktMImbro2ojzJQTq-gZDo6kRppOhuyHpJ3GmwjwKKwUAfndzWtmxAnQ-s3c6e72cREvKBwUQPnKmD0hbMpkUtQb4FyHfsgoyQisYOYotJqruv/s400/screenshot.13.jpg)
- The authorized key matches the public key (id_rsa)obtained previously:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdA_F0cqamS7-g7Wmj4EWI0kUYxSaDN5YcNwYj7qE9f4niiCyVvTRpt8E2tcFGKMnv00f0OF0r0YtxGmsKHCHxcrCcJjkg2wdzXvZ3Ormw2kOMJ4xviHEayHBT67MzGQswiqS7hwE_xMY4/s1600/screenshot.14.jpg)
- Connecting from other server:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhie0bXUKSXlKLibqdsXr42i17STse9mZtLoXxhis6BEJLA8YuDWBvQUvaAV0EWg7bgju9WtEDqRRZlmO-izUQQj9Mj85KB3QRT1UQ-TfQHrwG8IxCOS1wCD8dhGQUkVNALHc0PgjkJriSt/s1600/screenshot.18.jpg)