Different key based authentication to remote server
What are the different key based authentication methods for SSH to remote servers?
Overview: The article discusses various key-based authentication methods for SSH to remote servers using Ezeelogin. It covers topics such as global/public keys, private keys, key management, changing the default global key, and adding custom key pairs during the installation process.
1. Ezeelogin global or public key
Step 1(A): Login to Ezeelogin software GUI, navigate to Global key and copy the global key.
Step 1(B): Login to the Ezeelogin backend (ezsh) and keep the selector on all servers and press ' F7 ' or ' * ' to get into the parallel shell
Step 1(C): Run the below command using the parallel shell to copy the public key to all servers. Wait for the parallel shell execution to complete before pressing any key to return to the command line. This will ensure that the public_key is copied across all servers.
echo 'paste_global_key_here' >> ~/.ssh/authorized_keys
2. SSH Private key
Step 2(A): Users can add a remote server with any private key. Copy the public key from /root/.ssh/id_rsa.pub and paste it inside the authorized_keys file of the user in the remote server.
3. Key management or saved key
Step 3(A): User can add a remote server with the private key stored in key management. Save the private keys and use them while adding the servers.
Step 3(B): Navigate to Servers -> Key Management and add the private key along with the passphrase (if the key was generated with a passphrase).
Step 3(C): Add a remote server with the key saved in the key management tab.
4. Change gloabl key
This feature is available only from Ezeelogin Version 7.3.6 and above.
How to change the default Global Key being used to log on to remote servers?
5. Can a user use custom private and public keys in Ezeelogin?
Step 5(A): Users can add a custom key pair during installation only. It cannot be changed to a custom key pair after installation. You would need to generate your own 4096-bit RSA Keys using ssh-keygen
root@gateway:~# ssh-keygen -b 4096 -t rsa -P <enter-strong-pass> -f /root/test-pvt-key
Your identification has been saved in /root/test-pvt-key
Your public key has been saved in /root/test-pvt-key.pub
Step 5(B): Run the Ezeelogin installation package with the following option.
root@gateway:~# sh ezlogin_7.1.6.bin -- -help
-sshkey : Specify the path of SSH private key to be used. Default: generates new key
-sshkeypass : Specify the password (if any) for SSH private key. Default: no password
root@gateway:~# sh ezlogin_7.1.6.bin -- -sshkey /root/test-pvt-key -sshkeypass ads*9s798js0sdf9#$2!sdr@@
Complete the installation. The custom public key would be used when new servers are added in and would be visible under Servers -> Global Key
The private key cannot be decrypted. To get the private key, a new global key pair has to be generated.
Related Articles:
SSH Key rotation to remote servers
Add a server using SSH key pair in ezeelogin