Debian | Secure SSH Login with Private Key

Please refer to the steps below on how to configure

  • SSH Login with Private Key
  • Secure FTP (SFTP)
  • SCP

SSH Login with Private Key

Generate the SSH key from Windows 10 Machines with Maboxterm installed

ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/mobaxterm/.ssh/id_rsa): debian
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in debian.
Your public key has been saved in debian.pub.
The key fingerprint is:
SHA256:zjSeZm1ausekXayw6hIb17IltYlDcHnRHWvuTUvlNN0 kwyong@YONG-WIN10
The key's randomart image is:
+---[RSA 2048]----+
|       ..o ...   |
|    . o . . ..  o|
|     o .    o  .E|
|      . .  o   +.|
|     . +So .. o .|
|    o *=*+..o+ . |
|     = *BB+o. o  |
|    o .oo==      |
|     oo.+o       |
+----[SHA256]-----+

Verify the private key (debian) & public key (debian.pub) is created successfully

ls -l /home/mobaxterm/.ssh
total 19
-rw-r--r--    1 kwyong   UsersGrp      1766 Feb  2 21:32 debian
-rw-r--r--    1 kwyong   UsersGrp       399 Feb  2 21:32 debian.pub
drwxr-xr-x    1 kwyong   UsersGrp         0 Jul 22  2019 hostkeys
-rw-r--r--    1 kwyong   UsersGrp      1766 Aug  6  2018 id_rsa
-rw-r--r--    1 kwyong   UsersGrp       381 Aug  9  2018 id_rsa.pub
-rw-r--r--    1 kwyong   UsersGrp     22485 Feb  2 17:18 known_hosts

Copy the public key to Debian with ssh-copy-id

ssh-copy-id -i /home/mobaxterm/.ssh/debian kwyong@192.168.1.230

/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'kwyong@192.168.1.230'"
and check to make sure that only the key(s) you wanted were added.

Login to Debian and verify that /home/keyong/.ssh/authorized_keys is created

kwyong@debian:~$ ls /home/kwyong/.ssh
authorized_keys

Login to Debian with Private Key from Windows 10

ssh -i /home/mobaxterm/.ssh/debian kwyong@192.168.1.1230

Disable the Password Login in Debian and restart ssh

vi /etc/ssh/sshd_config
    PasswordAuthentication no

#Restart SSH 
systemctl restart sshdd 

Login from machines without the private key installed to verify SSH password login had been disabled

[Administrator.LAB-AD01] ➤ ssh kwyong@192.168.1.230
Permission denied (publickey).

Secure FTP (SFTP)

SSH File Transfer Protocol (SFTP) works over the Secure Shell (SSH) data stream to establish a secure connection and provide organizations with a higher level of file transfer protection.

This is because SFTP uses encryption algorithms to securely move data to your server and keep files unreadable during the process, and authentication prevents unauthorized file access during the operation

Verify SFTP is working

sftp -i /home/mobaxterm/.ssh/debian kwyong@192.168.1.230

SCP (Secure Copy)

SCP (secure copy) is a command-line utility that allows you to securely copy files and directories between two locations.

Copy a local file to Remote Server

scp -i /home/mobaxterm/.ssh/debian /home/kwyong/vcsa.key kwyong@192.168.1.230:/tmp

Copy a file from Remote Server to local

scp -i /home/mobaxterm/.ssh/debian kwyong@192.168.1.230:/tmp/test.txt /home/kwyong/test.txt
Scroll to Top