Creating SSH Key Based Authentication - jwells24/Tech-Journal GitHub Wiki

Creating SSH Key Based Authentication

  • In order to securely SSH between machines, we needed to set up keys on our rw01 machine and our VyOS router.

Step 1

  • On the SSH client (the machine you will be SSHing from), use the command: ssh-keygen -t rsa -b 4096 to generate a 4096-bit RSA key pair. Save the key to the default file and create a useful passphrase. The public key will be saved to the location: /home/user/.ssh/id_rsa.pub. The private key is saved next to it as id_rsa and never leaves the client.

Step 2

  • Make sure you have enabled SSH on the machine you want to SSH to (the server), and then cd into the .ssh directory on the client. Send the public key you just created on the client to the server with the command: scp id_rsa.pub [email protected]:/home/user/

Step 3

  • Once the key has been sent to the server, append it to the authorized_keys file in the server's .ssh directory with the command: cat id_rsa.pub >> .ssh/authorized_keys. Now you are able to SSH securely from the client to the server.
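
The server-side half of Step 3 as a small script, added here as an example and not part of the original wiki page. It checks that the uploaded file really is a public key, sets the permissions sshd expects, and appends the key only once. The function name install_pubkey and its optional HOME_DIR argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example: server-side half of Step 3, run on the machine you SSH *to*.
# install_pubkey is a hypothetical helper name, not an OpenSSH command.
# Usage: install_pubkey PUBKEY_FILE [HOME_DIR]
install_pubkey() (
    # Subshell body: umask and variables stay local; exit only leaves the function.
    pub=$1
    dir=${2:-$HOME}/.ssh
    auth=$dir/authorized_keys

    [ -f "$pub" ] || { echo "no such file: $pub" >&2; exit 1; }

    # Catch the common slip of copying id_rsa instead of id_rsa.pub.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "refusing: $pub is a private key, send the .pub file" >&2
        exit 2
    fi

    # A public key is a single line: type, base64 blob, optional comment.
    key=$(grep -E '^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/=]+( .*)?$' "$pub" | head -n 1)
    [ -n "$key" ] || { echo "refusing: no public key line in $pub" >&2; exit 2; }

    # sshd (StrictModes, on by default) ignores authorized_keys when the
    # directory or file is writable by other users.
    umask 077
    mkdir -p "$dir" && chmod 700 "$dir" || exit 3
    touch "$auth" && chmod 600 "$auth" || exit 3

    # Append only if this key (type + blob, comment ignored) is not there yet,
    # so re-running the step does not pile up duplicate lines.
    blob=$(printf '%s\n' "$key" | cut -d' ' -f1,2)
    if ! grep -qF -- "$blob" "$auth"; then
        printf '%s\n' "$key" >> "$auth"
    fi
)

# Run as a script: sh install_pubkey.sh id_rsa.pub
if [ "$#" -gt 0 ]; then install_pubkey "$@"; fi
```

Once the key is in authorized_keys, the uploaded id_rsa.pub copy in the home directory is no longer needed and can be deleted.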

Invalid Known Host

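  • If you finish setting up passwordless authentication, attempt to ssh, and get a lengthy error about a possible man-in-the-middle attack, the server's host key no longer matches the one recorded in your known_hosts file, and you will need to fix the known_hosts file to proceed. Removing the file discards the recorded host keys for every server, so first make sure the key change is expected. On the machine you are SSHing from, remove the known_hosts file with the command below in order to allow ssh.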

  • rm .ssh/known_hosts