Feature #842
Key-Based Authentication with OpenSSH
Description
This is a short guide on setting up OpenSSH to use only key-based authentication on FreeBSD 10.3.
Prepare the Environment¶
- Make sure the system is up to date:
pkg update && pkg upgrade
Prepare the Client¶
- Change into the non-root user:
su - bob
- Create a SSH key pair:
ssh-keygen -t ed25519
- Copy the SSH key to the remote SSH server:
ssh-copy-id bob@ssh.example.com
- (Optional) If the ssh-copy-id command does not exist on the client machine, run the following to use ssh only:
cat ~/.ssh/id_ed25519.pub | ssh bob@ssh.example.com "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"
- (Optional) If the ssh-copy-id command does not exist on the client machine, run the following to use ssh only:
Prepare the Server¶
- ssh into the remote server:
ssh bob@ssh.example.com
- Edit the sshd config:
sudo vi /etc/ssh/sshd_config
- And modify the following values:
PasswordAuthentication no ChallengeResponseAuthentication no
- And modify the following values:
- Restart the ssh server to apply the changes:
service sshd restart
Resources¶
Updated by Daniel Curtis about 8 years ago
- Status changed from New to Resolved
- % Done changed from 0 to 100