arrow_upward

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Passwordless login to VPS
#1
Hello everyone,

In this tutorial I'm going to show that how can you create passwordless login to VPS.

1. Download PuTTY Key Generator from here: http://the.earth.li/~sgtatham/putty/late...ttygen.exe
And then start it.
[Image: K_pkiv_g_s001_www.kepfeltoltes.hu_.jpg]

2. You can change "number of bits in a generated key" to "4096" if you would like to be more secure.
[Image: K_pkiv_g_s002_www.kepfeltoltes.hu_.png]

3. Then click to  Generate and make some random moves with your mouse.

4. When It's finished, then save Public and then save Private key to a safe location on your HDD and to a second place too, for example a flashdrive.
It will ask that "Are you sure that you want to save this key without passphrase to protect it?".
Simple click to Yes.

5. Create a new text file with authorized_keys.txt name and copy the PuTTY Key Generator's windows content into this file.

6. Login to your VPS over SSH with root.

7. Enter these commands:
pwd
To check where you are, you must be in your home directory
cd ~
If you are not in home, then you must go there
mkdir .ssh
To create a new .ssh directory
nano .ssh/authorized_keys
To create and edit authorized_keys file
(if you get a "-bash: nano: command not found" error then you must first install nano with "apt-get install nano" command)
Simple copy your authorized_keys.txt file's content to this newly created file or you can copy directly from PuTTY Key Generator's windows content into this file.
Save and exit.

8. Enter these command to modify permissions
chmod -R 700 .ssh/

9. Open and edit sshd_config file
nano /etc/ssh/sshd_config
Search the PermitRootLogin line.
Delete "Yes" or "No" and replace with "without-password".
PermitRootLogin without-password
Save changes and exit from nano.

9. Restart your VPS
reboot

10. Locate your private key in Putty
[Image: 816138115K_pkiv_g_sputtysaveprivatekey00...es.hu_.png]
/Connection/SSH/Auth/Browse

11. Save connection in Putty and Connect
[Image: K_pkiv_g_sputtyconnect004_www.kepfeltoltes.hu_.png]
In this example I entered Google's DNS IP address (8.8.8.8). You have to replace it with your own VPS's IP address.
If you changed your SSH port in the previous tutorial then don't forget to use the right port.
Under the "Saved Sessions" enter your VPS's name (for example Post4VPS) and then click to save.

And you are ready. Putty won't ask for password anymore!

Please use the [Image: thumbsup.png] button below. Thx.
#2
That's the nice tutorial! So is it more secure to use this method and disable root password ? I use it with Filezilla for my cPanel accounts but haven't used for SSH root.


~ Be yourself everybody else is taken ~




#3
(10-21-2015, 05:06 PM)xdude Wrote: That's the nice tutorial! So is it more secure to use this method and disable root password ? I use it with Filezilla for my cPanel accounts but haven't used for SSH root.

Thanks, No I don't think that this is more secure. It's just convenient because you do not have to enter your password all the time.
With password based login you can create 2048-4096 bits passwords too.
So basically this is a very similar to password based logins, the difference is just that you do not have to type it from your keyboard, but store in a txt file in your SSH client's folder.
But if somebody steal your or hack your desktop PC, then he will access to your VPS servers too.
This is why I like better to use passwords and KeePass.
#4
You made a tutorial without totally understanding what it does?
IT MAKES IT MORE SECURE THAN USING PLAIN TEXT PASSWORDS.
RSA keys are REALLY HARD TO CRACK. (Takes billions of years for a normal PC to bruteforce it)

setting PermitRootLogin to without-passwords sets OpenSSH to allow remote root logins but only with ssh keys and blocks login attempts that use plain text passwords.


This could be quite inconvenient if you always use different or change devices. Or if you want to connect from your school or a computer shop.
http://FreeVPS.club - Free VPSs!
#5
Actually...it is not very convenient for me to use this as I frequently change devices...


Possibly Related Threads…
Thread
Author
Replies
Views
Last Post

person_pin_circle Users browsing this thread: 2 Guest(s)
Sponsors: VirMach - Host4Fun - CubeData - Evolution-Host - HostDare - Hyper Expert - Shadow Hosting - Bladenode - Hostlease - RackNerd - ReadyDedis - Limitless Hosting