Connect with SSH to the Raspberry Pi key exchange
If your Raspberry Pi is exposed on the Internet you can disable SSH service which is not always practical or limit connections to those with key exchange. And it is this method that we will see today.
Linux or Mac
- If it does not exist, create the .ssh
chmod 700 $HOME/.ssh
- Go to the .ssh
- Generating your keys. The option 4096 increases the security of your key (instead of 2096 by default). Finally when the system will ask you a “passphrase” (a password to secure your private key), although it is not compulsory you suspect it is recommended to use a !
ssh-keygen -b 4096
Here you are with a private key (id_rsa) and a public key (id_rsa.pub)
Your private key must be kept in your .ssh directory
Your public key is that you must put (or cause to) up on servers where you want to connect.
for Windows, you can use PuTTYgen to generate your keys.
Install and authorize your public key
- Send your public key to the server. You can use scp, an ftp client, etc. for your file id_rsa.pub
- To connect to the server
- Add the file contents id_rsa.pub you sent in step 1 in the file .ssh/authorized_keys User which want to impersonate
cat id_rsa.pub >> $HOME/.ssh/authorized_keys
Disable authentication password
For now allow only users with key, just change the configuration of the SSH service
- Add the following line to / etc / ssh / sshd_config
- Restart the Service
service ssh restart
There you are now with a Raspberry Pi a bit more secure !