How can I log in to or between Linux servers more securely than using a password?

This does include logging between multiple control servers, control servers, and compute resources, and even logging into virtual servers without the need for a password that can be hacked.


OnApp All Versions

Linux VSs 


An RSA key is a very secure method of logging into a server without a password, while still preventing unauthorized users from accessing the same server. For cloud security, we recommend using SSH keys to access clouds instead of passwords.

To generate an SSH key, you will first need to SSH into the server (you will want to be logged in as the user you want to make the key for. In most cases, it is root).

Then, run the following command:

ssh-keygen -t rsa

Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.pub2.
Your public key has been saved in /root/.ssh/
The key fingerprint is:
bd:26:53:4a:a9:83:6d:0e:31:6c:67:77:8c:b5:9b:e7 root@dev10-cp
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|                 |
|          .      |
|   .     * .     |
|    = o S *      |
|   . B + + +     |
|    o = + = .    |
|     + . + o     |
|      .     E    |

From there, add a key to a new server (make sure you're still logged in as the user you want to access):

ssh-copy-id -i /home/<USER>/.ssh/ root@<NEW SERVER IP>

This will prompt for the password for the second cloud you are adding it to. Then, the key is added and it will allow you to use the key instead of the password.

See Also: