
How to Set Up and Use SSH
Step 3 — User Work with SSH Keys
Protect the Accounts
If you haven't done it yet, now would be a good time to disable all unneeded accounts and make sure that all accounts still in use have strong passwords. Attackers are trying constantly to guess passwords. See the earlier section for details.
Create the Keys
The user needs to generate SSH public/private key pairs. Use the following command sequence. Provide a strong passphrase, since security rests on this being extremely difficult to guess. Unless you really want to greatly confuse and inconvenience yourself, use the same passphrase for all key pairs! Accept the default locations for key storage:
$ cd ~/.ssh $ ssh-keygen -t rsa $ ssh-keygen -t ecdsa -b 521 $ ssh-keygen -t ed25519 $ sort -u authorized_keys *.pub -o authorized_keys $ chmod 644 authorized_keys
The sort
command will retain any other keys
already in your authorized_keys
file.
Permission mode matters on that file, the SSH daemon
will refuse to pay attention to files with
inappropriate permission settings.
Stay Up To Date
The above command sequence did not generate a
DSA key pair, also called SSH-DSS.
OpenSSH 7.0 dropped support for DSS.
Yes, ssh-keygen
can create DSS key pairs,
and you can configure an SSH server to accept
those keys, but you don't want to do that.
Stay up to date. Use trusted cryptography.
Here's what the above sequence generated:
2048-bit RSA key pair.
With OpenSSH 7.0 and later, ssh-keygen
generates 2048-bit RSA key pairs by default.
You could specify -b 4096
,
but 2048 bits is considered strong enough today.
521-bit ECDSA key pair. Yes, that's really 521 and not 512! A simple answer is "Because that's what everyone does." To be official, the P521 elliptic curve is specified by NIST. The mathematical reason behind that is that 2251 - 1 is a Mersenne prime.
256-bit Ed25519 key pair. That's another elliptic curve system, considered to be as strong as RSA with a roughly 3000-bit key, and thought to be stronger than 521-bit ECDSA. See the SafeCurves web page for comparison of elliptic curve systems, including how Curve25519 is more trusted than the NIST P521.
For much more discussion on why DSA was dropped and the
relative security of RSA, ECDSA (P521),
and Ed25519 (Curve25519), see:
StackExchange 5096
StackExchange 23383
StackExchange 50878
Distribute the Keys
Once those keys are generated, the entire directory
~/.ssh
must be copied into place on all systems.
If you are using NFS and automounting, this is already done!
If you are not, then the administrator might need to get
involved briefly.
At every login, if keychain
is installed
the user will be prompted for their password.
If not, the user simply runs this command:
$ ssh-add
Type your SSH key passphrase
(what you typed back when you generated the keys).
Now everything is automatic!
Commands like
ssh,
scp,
and sftp
automatically authenticate with keys
without any password-typing by you!
Test it like this:
$ ssh-add -l 2048 SHA256:iPhC3AyXUos7/1aaO4qeoEJcb0bp4SAv0fmpjih9tC8 /home/cromwell/.ssh/id_rsa (RSA) 521 SHA256:TGjRDHyS+OLaYWDct7G7NZN1k+vSS2R9PJcOBkfCmKE /home/cromwell/.ssh/id_ecdsa (ECDSA) 256 SHA256:+o3rP/Mz5bpp+Vwj3XuOsO6zeT1gnwrcutKiRuHD3jM cromwell@kc9rg.org (ED25519)