Set up SSH public-key authentication to connect to a remote system

Table of content:

  1. Introduction

  2. Introduction to Encryption-Decryption

  3. Setup public key

  4. Connect to SSH

Introduction

In the previous article we have setup our SSH Server successfully and to connect with the server we have used username and password . But a more secure way to connect to SSH is by using public-key authentication.

SSH is a Cryptographic network protocol means encrypted data will be transferred over a secure network.

Before we implement this method we must know what is encryption and decryption and what are their types and what are the benefits of encryption .

Introduction to Encryption-Decryption

Encryption in easy word can be explained as a function which takes a text as input and produce some output according to the algorithm used.

To understand properly let’s assume two friends A and B and they are communicating with each other over a network.




Computer A wants to send a message “ABC” to Computer B. But

they both want that  message must remain between them only.

So computer A Encrypts “ABC” as “ZYX” and then Computer A send

“ZYX” to Computer B Now if attacker try to intercept the messag

age then attacker will receive the message “ZYX” not the actual message . Now suppose Computer B receives the message “ZYX” but computer B doesn’t know what does this mean ,How to decrypt this message.Now the actual problem arises when Computer A Sends the Encrypted Message then it must send the algorithm by which it has encoded the text So now packet have two things

1. Encrypted message

2. Function to encrypt the message (means A->Z,B->Y,C->X)

Now if the packet is intercepted by the attacker then he can easily decode or can decrypt the encrypted text , This means now he knows that “ZYX” means “ABC” .

This Method is known as “Symmetric encryption” means there is only 1 key  ,that is public key that needs to be shared over the network means Message can be encrypted and can be decrypted by only public key . Now that’s the main problem The key and the encrypted text can be intercepted and can be decoded easily by the attacker.

Second  method is “Asymmetric Encryption” . In this method there are two keys

i) Public key

ii) Private Key

This method uses these two keys to encrypt/decrypt the data.

Public key is used for Encryption and Private key is used for decryption.Private Key needs to be protected so that only authenticated recipient can decrypt the message,

and Public key can be shared over the network for encryption purpose.

Now we have basic knowledge of encryption decryption so in next step we will implement SSH public key authentication.


Setup Public Key

For this complete demonstration we will use two Machine

1. Kali Linux

2. Metasploitable2 ( for SSH Server )

First of all we will create two keys one is Private Key and another one is Public Key ,that will be shared between the two machines.

Command used to create the keys:

ssh-keygen -t rsa -b 4096

  1. -b bits Specifies the number of bits in the key to create. For RSA keys, the minimum size is 1024 bits and the default is 3072 bits. Generally, 3072 bits is considered sufficient.

  2. -t dsa | ecdsa | ed25519 | rsa Specifies the type of key to create. The possible values are “dsa”, “ecdsa”, “ed25519”, or “rsa”.


Key is saved in a folder with name “.ssh” let’s change our directory to “.ssh” by using the cd command


We can see that there are two files id_rsa and id_rsa.pub

1st file contains our private key and second file with extension .pub contains the public key . Now the public needs to be shared with the second machine that is metasploitable2 machine. We will transfer the “id_rsa.pub” file to the .ssh folder of metasploitable2 machine. As I have access to the shell of msfadmin user of the machine metasploitable2 so I can transfer the public key easily by using the “scp” utility.

scp id_rsa.pub msfadmin@192.168.43.235:/home/msfadmin/.ssh/uploaded_keys.pub

  1. here 192.168.43.235 is the IP address of metasploitable2 machine

  2. :/home/msfadmin/.ssh/upload_keys.pub specify the file where we want to copy the id_rsa.pub file

Now the id_rsa.pub is present in the metasploitable2 machine in the file uploaded_keys.pub .now we will transfer this key in the authorized_keys file present in the metasploitable2 machine by using the command :

Cat uploaded_keys.pub > authorized_keys

After this we need to set permission by using the command “chmod” as show in the below image

  1. Read:4

  2. Write:2

  3. Execute:1

This means for .ssh we have set rwx permission to user and no permission to groups and others i.e 0 so it becomes 700

Similarly for 600 only read and write permission to user and permission to groups and others for all the files present inside the .ssh directory


Connect to SSH

Now we can connect to the SSH Server without using any password.


-i identity_file Selects a file from which the identity (private key) for public key authentication is read. The default is ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 and ~/.ssh/id_rsa.

We can see that it doesn’t ask us for any password because the keys are already exchanged between the machines over a secure network.


So this is all about SSH public-key authentication.

Recent Posts

See All

Website change notice

As you all know that our website is providing walkthrough of different challenges from different platforms and without any advertisement but due to some funds issue we can't continue this website :( S

Subscribe to HacLabs newsletter

Get priority notification on the release of the latest articles.

  • YouTube
  • Twitter
  • Instagram
  • Linkedin

© 2020 by HacLabs.