SSH authorized_keys permission

~/.ssh/authorized_keys content:

ssh-rsa <KEY> username@computername

Set correct permission to enable public key SSH login

chmod 400 ~/.ssh/authorized_keys
chmod 700 ~/.ssh

SSH Public Key Auth

This setup enable users to log in to remote machine without having to enter their password.

On local machine, generate public/private key pair:

ssh-keygen -t rsa

or use PuTTYgen

Send to remote machine:

cat ~/.ssh/id_rsa.pub | ssh user@domain "cat - >> ~/.ssh/authorized_keys"

or

scp ~/.ssh/id_rsa.pub user@domain:~/.ssh/authorized_keys

or use WinSCP

Note: when generating public keys using puttygen, reorganize the file content:

ssh-rsa <pub key string> user@domain
# in one line

<pub key string> is:

--- BEGIN ...
Comment: ...
<pub key string>
--- END ...

Set permission:

chmod 600 ~/.ssh/authorized_keys

To login from local machine:

ssh user@domain
# automatically logged in, no password prompt

or using PuTTy:

  • Connection > Data > Auto-login username: user
  • Connection > SSH > Auth > Private key file: *.ppk file generated by puttygen

Extra, SSH server configuration tweak (change those config values).

vim /etc/ssh/sshd_config
PermitRootLogin no
PasswordAuthentication no