Before creating the SSL key set required by the Web server, you must generate a Certificate Authority (CA) SSL key pair. A CA SSL public certificate is distributed to client systems of the Satellite or Proxy. The Red Hat Network SSL Maintenance Tool allows you to generate a CA SSL key pair if needed and re-use it for all subsequent RHN server. This package provides a set of tools to generate and manage SSL certificates and private keys, and includes genkey, the Red Hat Keypair Generation utility that will guide you through the key generation process.
I am a new RHEL 8 server sysadmin. How do I configure SSH public key-based authentication for RHEL (Red Hat Enterprise Linux) 8 server?
Where,
The procedure to set up SSH key on Red Hat Enteprise Linux 8 server:
Let us see all commands and steps in details.
The syntax is:ssh-keygen -t ed25519
ssh-keygen -t rsa
ssh-keygen -t rsa -b 4096 -f ~/.ssh/aws-lighsail.key -C 'My AWS SSH Keys'
ssh-keygen -t ed25519 -f ~/.ssh/linode-usa-www1-vps.key -C 'My Linode SSH Keys for www'
Where,
I am going type the following command on my Ubuntu desktop to create the key pair:$ ssh-keygen -t ed25519
I strongly recommend that you set up a passphrase when prompted.
Now our key paid generated and stored in ~/.ssh/ directory. You must copy a public SSH key file named ~/.ssh/id_ed25519.pub (or ~/.ssh/id_rsa.pub if you created RSA key) to the RHEL 8 server. Try the ssh-copy-id command as follows:$ ssh-copy-id -i ~/.ssh/fileNameHere.pubuser@remote-RHEL8-server-ip
For example:$ ssh-copy-id -i ~/.ssh/id_ed25519.pub [email protected]
Thanks for the codes. Windows 10 has now become the world’s most popular operatingsystem as 350 million users of Windows 10 to date are not wrong. So, I have no clue what's the deal, but it works now and I'm happy.
Now try logging into the machine, with the ssh command as follows:$ ssh user@rhel-8-server
$ ssh [email protected]
You should be able to log in without a password. If you set up a passphrase, unlock it as follows for your current session so that you don’t have to enter it every time you run ssh, sftp, scp, rsync and other commands:$ ssh-agent $SHELL
$ ssh-add
Disable root user log in all together on RHEL 8 via ssh. Log in as root user on RHEL 8 and run following to add a user named vivek to wheel group:# usermod -aG wheel vivek
# id vivek
Allows users in group wheel can use sudo command to run all commands on RHEL 8 server. Next disable root user login by adding the following line to sshd_config:# vi /etc/ssh/sshd_config
Disable the password for root login and only allow ssh keys based login:
Save and close the file. Reload the ssh server:# systemctl reload sshd.service
For more info see “Top 20 OpenSSH Server Best Security Practices“.
You learned how to set up and use SSH keys to manage your RHEL 8 based server. For more info see OpenSSH man pages here.
ADVERTISEMENTS