• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 313
  • Last Modified:

SSH Keys

I followed the steps here and now I am locked out:

https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys--2

In putty do I need to some how upload my key file? What did I do wrong?

I am getting access denied when logging in as root.
0
Starquest321
Asked:
Starquest321
6 Solutions
 
Starquest321Author Commented:
What seems to mess me up is this step:

PermitRootLogin without-password

I changed the file from the orignal:
PermitRootLogin yes

I am trying to understand: do I need a saved copy of the public key on my (windows based ) laptop?
0
 
Manfred BertlManagerCommented:
No, the key will be stored after first login. After that, login works normal.
0
 
Starquest321Author Commented:
So when I do this on the cent os box:
ssh-copy-id user@123.45.56.78

I can "ADD" approved "users" and "ips" for login? Is that how this works?
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
Starquest321Author Commented:
Also during the setup in their instructions I added a passpharse. How can I remove that?
0
 
Gerwin Jansen, EE MVETopic Advisor Commented:
>> I added a passpharse. How can I remove that?
You can't remove that passphrase, it is to protect your private key. That's what it is meant for.

Can you logon as a normal user? If so, do that, then su to root and undo that last PermitRootLogin change you made. Restart sshd and test with another session if you can logon now.

When changing sshd config, always keep the session open that you used to change the configuration. So if things go wrong you can undo the changes.
0
 
Starquest321Author Commented:
I undid that last PermitRootLogin .. and I can login fine. Does that still mean I have SSH enabled? How can I check?
0
 
Gerwin Jansen, EE MVETopic Advisor Commented:
>> How can I check?

You logon like this:

ssh your_user@your_host

and then you get a prompt on your_host

all without typing a password.
0
 
Gerwin Jansen, EE MVETopic Advisor Commented:
You are using PuTTY right? Are you running Putty Agent (Pagent) as well?
0
 
Starquest321Author Commented:
I am running Putty. What is Putty Agent ?
0
 
Gerwin Jansen, EE MVETopic Advisor Commented:
Putty Agent is installed with Putty. You use the agent to load your private ssh key(s) and enter the passphrase once. Then you configure Putty to use ssh keys (pointing to your private key) and putty will see that the agent has already loaded the private key. That way you only have to enter the passphrase once and just use putty (saved) sessions to connect to your hosts.
0
 
serialbandCommented:
If you use pageant.exe (Putty Agent), you'll be able to cache the key's passphrase and key your private keys loaded, until you restart pageant, usually when you reboot.
http://winscp.net/eng/docs/ui_pageant  <-- it's the same for putty & winscp.

You could also attach the key to your putty profile.  In the Putty Configuration, under the Connection --> SSH --> Auth, there's a place to attach your private key file.  You can save the profile.  This will load your key with each connection, but you'll have to enter a passphrase each time  http://www.howtoforge.com/ssh_key_based_logins_putty_p3

If you want to change your passphrase, you'll need to use puttygen.exe.  Load the private key.  Enter the current passphrase.  Then in the window change the Key Passphrase and Confirm.  You can also remove the passphrase, by setting it to a blank, but I don't recommend it.  It's much, much better to set a passphrase and use pageant.exe to keep your private key protected.

Make sure you get the putty "suite" either in the zip file or the exe installer.  I use the zip file so I can put it where I want and I don't need administrator permissions to "install" it.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now