Coursnap

title
Linux/Mac Tutorial: SSH Key-Based Authentication - How to SSH Without a Password

description
In this Linux/Mac terminal tutorial, we will be learning how to configure ssh keys so that we can login to our servers without a password. Not only is this more convenient, but it is also more secure. This also allows us to write automated scripts to talk to our servers without the need of putting in passwords constantly. Let's get started. How to Create a Network of Machines in VirtualBox with SSH Access: https://youtu.be/S7jD6nnYJy0 ✅ Support My Channel Through Patreon: https://www.patreon.com/coreyms ✅ Become a Channel Member: https://www.youtube.com/channel/UCCezIgC97PvUuR4_gbFUs5g/join ✅ One-Time Contribution Through PayPal: https://goo.gl/649HFY ✅ Cryptocurrency Donations: Bitcoin Wallet - 3MPH8oY2EAgbLVy7RBMinwcBntggi7qeG3 Ethereum Wallet - 0x151649418616068fB46C3598083817101d3bCD33 Litecoin Wallet - MPvEBY5fxGkmPQgocfJbxP6EmTo5UUXMot ✅ Corey's Public Amazon Wishlist http://a.co/inIyro1 ✅ Equipment I Use and Books I Recommend: https://www.amazon.com/shop/coreyschafer ▶️ You Can Find Me On: My Website - http://coreyms.com/ My Second Channel - https://www.youtube.com/c/coreymschafer Facebook - https://www.facebook.com/CoreyMSchafer Twitter - https://twitter.com/CoreyMSchafer Instagram - https://www.instagram.com/coreymschafer/ #Linux #Mac

detail
{'title': 'Linux/Mac Tutorial: SSH Key-Based Authentication - How to SSH Without a Password', 'heatmap': [{'end': 218.449, 'start': 187.101, 'weight': 0.91}, {'end': 543.065, 'start': 447.809, 'weight': 1}, {'value': 0.7260580067209661, 'end_time': 543.0649999999999, 'start_time': 500.546}, {'end': 837.666, 'start': 795.433, 'weight': 0.77}], 'summary': 'Learn how to set up key-based ssh authentication for secure logins, emphasizing convenience, security, and automation, including key management, 4096-bit rsa key generation, transferring public key using scp, and maximizing security by turning off password authentication and setting permissions, with a demonstration of manual method and ssh copy id command for streamlined setup on linux and mac.', 'chapters': [{'end': 142.393, 'segs': [{'end': 33.671, 'src': 'embed', 'start': 0.349, 'weight': 0, 'content': [{'end': 1.29, 'text': "Hey there, how's it going everybody?", 'start': 0.349, 'duration': 0.941}, {'end': 7.253, 'text': "In this video we'll be learning how to use key based authentication instead of passwords in order to SSH into a machine.", 'start': 1.65, 'duration': 5.603}, {'end': 11.036, 'text': 'So this is much more convenient and also more secure than using passwords.', 'start': 7.594, 'duration': 3.442}, {'end': 14.958, 'text': 'So if you ever plan on doing any system administration work in the future,', 'start': 11.376, 'duration': 3.582}, {'end': 20.502, 'text': "then you'll most likely spend a lot of time using the secure shell to log into different machines to do some work.", 'start': 14.958, 'duration': 5.544}, {'end': 27.707, 'text': "And setting up key based authentication not only saves time, but it's more secure and also allows you to automate tasks more easily.", 'start': 20.922, 'duration': 6.785}, {'end': 28.847, 'text': 'Now for this video.', 'start': 28.147, 'duration': 0.7}, {'end': 33.671, 'text': "I'm going to assume that you currently have a machine that you can SSH into using a password,", 'start': 28.847, 'duration': 4.824}], 'summary': 'Learn to use key-based ssh authentication for convenience, security, and time-saving.', 'duration': 33.322, 'max_score': 0.349, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/vpk_1gldOAE/pics/vpk_1gldOAE349.jpg'}, {'end': 112.074, 'src': 'embed', 'start': 87.463, 'weight': 1, 'content': [{'end': 94.865, 'text': "Now I'm going to leave this remote machine logged in over here and leave this connection open while we're looking at how we can set up key based authentication.", 'start': 87.463, 'duration': 7.402}, {'end': 99.707, 'text': "So what we're going to do is we're going to create a private key and a public key.", 'start': 95.345, 'duration': 4.362}, {'end': 107.952, 'text': "Now, the private key will live on our local machine and the public key is going to live on the machine that we'll be SSHing into or the remote machine.", 'start': 100.048, 'duration': 7.904}, {'end': 112.074, 'text': 'So when I first learned how to set up key-based authentication for SSH,', 'start': 108.332, 'duration': 3.742}], 'summary': 'Setting up key-based authentication for ssh involves creating private and public keys.', 'duration': 24.611, 'max_score': 87.463, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/vpk_1gldOAE/pics/vpk_1gldOAE87463.jpg'}, {'end': 150.86, 'src': 'embed', 'start': 125.902, 'weight': 2, 'content': [{'end': 132.546, 'text': 'Now you can remember this by thinking about the private key being on the machine that only you have access to, your private local machine.', 'start': 125.902, 'duration': 6.644}, {'end': 136.869, 'text': "And the public key will be placed on the machine that you'll be trying to access.", 'start': 132.987, 'duration': 3.882}, {'end': 142.393, 'text': "So to create the public and private keys on our local machine, we're going to use the command ssh-keygen.", 'start': 137.47, 'duration': 4.923}, {'end': 150.86, 'text': "Now, if you've looked this up online before, like in GitHub or Linode documentation or something like that,", 'start': 144.975, 'duration': 5.885}], 'summary': 'Private key on local machine, public key on remote machine. use ssh-keygen to create keys.', 'duration': 24.958, 'max_score': 125.902, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/vpk_1gldOAE/pics/vpk_1gldOAE125902.jpg'}], 'start': 0.349, 'title': 'Setting up key-based ssh authentication', 'summary': 'Covers the process of setting up key-based authentication for ssh, emphasizing convenience, security, and ease of automation with the use of private and public keys for secure logins.', 'chapters': [{'end': 142.393, 'start': 0.349, 'title': 'Key-based authentication for ssh', 'summary': 'Covers the process of setting up key-based authentication for ssh, highlighting its convenience, security, and ease of automation, emphasizing the use of private and public keys for secure logins.', 'duration': 142.044, 'highlights': ['Setting up key-based authentication for SSH is more convenient, secure, and allows for easier task automation compared to using passwords. Key-based authentication for SSH is more convenient and secure than using passwords and allows for easier task automation.', 'The process involves creating a private key on the local machine and a public key on the remote machine for secure logins. The process involves creating a private key on the local machine and a public key on the remote machine for secure logins.', 'Emphasize the importance of placing the public key on the machine being accessed and the private key on the local machine as a memory aid. The public key should be placed on the machine being accessed, while the private key should be kept on the local machine, serving as a memory aid.']}], 'duration': 142.044, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/vpk_1gldOAE/pics/vpk_1gldOAE349.jpg', 'highlights': ['Setting up key-based authentication for SSH is more convenient, secure, and allows for easier task automation compared to using passwords.', 'The process involves creating a private key on the local machine and a public key on the remote machine for secure logins.', 'Emphasize the importance of placing the public key on the machine being accessed and the private key on the local machine as a memory aid.']}, {'end': 464.117, 'segs': [{'end': 169.235, 'src': 'embed', 'start': 144.975, 'weight': 0, 'content': [{'end': 150.86, 'text': "Now, if you've looked this up online before, like in GitHub or Linode documentation or something like that,", 'start': 144.975, 'duration': 5.885}, {'end': 157.766, 'text': 'then you\'ll notice a lot of people recommend adding a "-t rsa-b 4096".', 'start': 150.86, 'duration': 6.906}, {'end': 164.191, 'text': 'Now that "-t option just means that we want to make sure that we\'re using RSA as the type of key,', 'start': 157.766, 'duration': 6.425}, {'end': 167.334, 'text': 'and the "-b option just makes our keys a bit more secure.', 'start': 164.191, 'duration': 3.143}, {'end': 169.235, 'text': "So I'm going to go ahead and add that in.", 'start': 167.674, 'duration': 1.561}], 'summary': 'Using rsa with a 4096-bit key for added security.', 'duration': 24.26, 'max_score': 144.975, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/vpk_1gldOAE/pics/vpk_1gldOAE144975.jpg'}, {'end': 238.237, 'src': 'heatmap', 'start': 187.101, 'weight': 2, 'content': [{'end': 194.004, 'text': "Now, if you want more security or you're worried about someone getting access to your local computer, then you can put in a passphrase here,", 'start': 187.101, 'duration': 6.903}, {'end': 196.165, 'text': "but I'm just going to go ahead and leave this blank.", 'start': 194.004, 'duration': 2.161}, {'end': 198.807, 'text': 'So now that key was created.', 'start': 197.245, 'duration': 1.562}, {'end': 203.953, 'text': 'So now that we created those keys, we can navigate to the directory where those were placed.', 'start': 199.107, 'duration': 4.846}, {'end': 208.898, 'text': 'And that was in our home directory in this .ssh directory.', 'start': 204.233, 'duration': 4.665}, {'end': 215.285, 'text': 'Now if I list the files in this directory, then you can see that we have two keys here.', 'start': 209.539, 'duration': 5.746}, {'end': 218.449, 'text': 'ID underscore RSA is our private key.', 'start': 215.786, 'duration': 2.663}, {'end': 222.771, 'text': 'and id underscore rsa dot pub is our public key.', 'start': 219.009, 'duration': 3.762}, {'end': 230.674, 'text': "so id underscore rsa dot pub is the one that we want to copy over to our remote machine that we're going to be logging into now.", 'start': 222.771, 'duration': 7.903}, {'end': 236.636, 'text': 'at this point some people use a simple command called ssh dash copy dash id.', 'start': 230.674, 'duration': 5.962}, {'end': 238.237, 'text': 'ssh copy id.', 'start': 236.636, 'duration': 1.601}], 'summary': 'Created ssh keys: private key (id_rsa) and public key (id_rsa.pub)', 'duration': 51.136, 'max_score': 187.101, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/vpk_1gldOAE/pics/vpk_1gldOAE187101.jpg'}, {'end': 331.026, 'src': 'embed', 'start': 301.707, 'weight': 1, 'content': [{'end': 304.789, 'text': "Now to do this, I'm going to use the scp command.", 'start': 301.707, 'duration': 3.082}, {'end': 309.312, 'text': 'scp is a way to copy files to a machine over ssh.', 'start': 305.209, 'duration': 4.103}, {'end': 318.338, 'text': "Now, this is somewhat of a long command, but to run this command I'm just going to say scp and then my home directory dot ssh.", 'start': 309.652, 'duration': 8.686}, {'end': 325.803, 'text': "that's where we placed those keys, and then the key that I want to copy over is id underscore, rsa dot pub.", 'start': 318.338, 'duration': 7.465}, {'end': 331.026, 'text': "Now that's the file that we want to copy over, so now we'll put in a space, and now where we want to copy it.", 'start': 326.443, 'duration': 4.583}], 'summary': 'Using scp command to copy id_rsa.pub to home directory .ssh', 'duration': 29.319, 'max_score': 301.707, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/vpk_1gldOAE/pics/vpk_1gldOAE301707.jpg'}, {'end': 419.814, 'src': 'embed', 'start': 391.889, 'weight': 3, 'content': [{'end': 398.412, 'text': "So now that we have that key, let's append the contents of that file to a new file called authorized keys.", 'start': 391.889, 'duration': 6.523}, {'end': 403.955, 'text': "Now this file doesn't currently exist, but it will create it when we append the key to that file.", 'start': 398.752, 'duration': 5.203}, {'end': 411.864, 'text': "So to do this, we're just going to say cat and then the file that we want to cat is in our home folder.", 'start': 404.335, 'duration': 7.529}, {'end': 419.814, 'text': 'ssh uploaded key pub and now this double carets here will append to a file', 'start': 411.864, 'duration': 7.95}], 'summary': "Append ssh key to 'authorized_keys' file in home folder.", 'duration': 27.925, 'max_score': 391.889, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/vpk_1gldOAE/pics/vpk_1gldOAE391889.jpg'}], 'start': 144.975, 'title': 'Ssh key management', 'summary': 'Covers ssh key generation with the option to increase security by using a 4096-bit rsa key, transferring the public key to a remote machine using the scp command, and setting up ssh key-based authentication, including copying the key to the remote machine, appending it to the authorized keys file, and verifying successful setup.', 'chapters': [{'end': 347.597, 'start': 144.975, 'title': 'Ssh key generation and transfer', 'summary': 'Explains the process of generating ssh keys, including the option to increase security by using a 4096-bit rsa key instead of the default 2048-bit, and then transferring the public key to a remote machine using the scp command.', 'duration': 202.622, 'highlights': ['The chapter explains the process of generating SSH keys, including the option to use a 4096-bit RSA key instead of the default 2048-bit, to increase security. 4096-bit RSA key, default 2048-bit', 'The process of using the scp command to transfer the public key to a remote machine is detailed, providing a secure way to copy files over SSH. scp command, remote machine transfer', 'The chapter discusses the option of adding a passphrase for increased security when generating SSH keys. option of adding passphrase']}, {'end': 464.117, 'start': 347.917, 'title': 'Setting up ssh key authentication', 'summary': 'Explains the process of setting up ssh key-based authentication, including copying the key to the remote machine, appending it to the authorized keys file, and verifying the successful setup.', 'duration': 116.2, 'highlights': ["Copying the public key to the remote machine's .ssh directory The user copies the public key to the remote machine's .ssh directory, creating the 'uploaded_key.pub' file.", 'Appending the key to the authorized_keys file for key-based authentication The user appends the contents of the public key file to the authorized_keys file, creating the file if it does not exist.', 'Verifying the successful setup by checking the authorized_keys file The user verifies the successful setup by printing out the contents of the authorized_keys file, confirming the key has been appended.']}], 'duration': 319.142, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/vpk_1gldOAE/pics/vpk_1gldOAE144975.jpg', 'highlights': ['The chapter explains the process of generating SSH keys, including the option to use a 4096-bit RSA key instead of the default 2048-bit, to increase security.', 'The process of using the scp command to transfer the public key to a remote machine is detailed, providing a secure way to copy files over SSH.', "Copying the public key to the remote machine's .ssh directory The user copies the public key to the remote machine's .ssh directory, creating the 'uploaded_key.pub' file.", 'Appending the key to the authorized_keys file for key-based authentication The user appends the contents of the public key file to the authorized_keys file, creating the file if it does not exist.', 'Verifying the successful setup by checking the authorized_keys file The user verifies the successful setup by printing out the contents of the authorized_keys file, confirming the key has been appended.', 'The chapter discusses the option of adding a passphrase for increased security when generating SSH keys.']}, {'end': 932.497, 'segs': [{'end': 490.918, 'src': 'embed', 'start': 464.117, 'weight': 3, 'content': [{'end': 467.96, 'text': 'so now we should make sure that our permissions are set up correctly.', 'start': 464.117, 'duration': 3.843}, {'end': 472.744, 'text': "now, if you don't know Linux permissions very well, then that will be a topic for another video.", 'start': 467.96, 'duration': 4.784}, {'end': 475.926, 'text': 'but in this video we will just set these permissions where they need to be.', 'start': 472.744, 'duration': 3.182}, {'end': 482.231, 'text': 'so our SSH folder should be set to 700 and the files within that folder should be set to 600.', 'start': 475.926, 'duration': 6.305}, {'end': 490.918, 'text': 'so we can set this by saying chmod 700 on our ssh folder.', 'start': 482.231, 'duration': 8.687}], 'summary': 'Set ssh folder to 700 and files within it to 600 for correct permissions.', 'duration': 26.801, 'max_score': 464.117, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/vpk_1gldOAE/pics/vpk_1gldOAE464117.jpg'}, {'end': 548.849, 'src': 'embed', 'start': 515.682, 'weight': 0, 'content': [{'end': 517.183, 'text': "So let's do an SSH.", 'start': 515.682, 'duration': 1.501}, {'end': 524.892, 'text': 'We want to SSH in as coreyms at 192.168.56.100.', 'start': 517.443, 'duration': 7.449}, {'end': 525.574, 'text': 'Okay, so awesome.', 'start': 524.893, 'duration': 0.681}, {'end': 529.536, 'text': 'That looked like it worked and that we were able to log in without a password.', 'start': 525.594, 'duration': 3.942}, {'end': 534.039, 'text': 'So, now that you have this set up to use key-based authentication,', 'start': 530.217, 'duration': 3.822}, {'end': 543.065, 'text': 'one last thing that you might want to do is maximize security by only allowing this kind of login and turning off password authentication altogether.', 'start': 534.039, 'duration': 9.026}, {'end': 548.849, 'text': 'So this will require all users connect through SSH using this key-based authentication.', 'start': 543.405, 'duration': 5.444}], 'summary': 'Ssh login as coreyms at 192.168.56.100 without password for maximum security.', 'duration': 33.167, 'max_score': 515.682, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/vpk_1gldOAE/pics/vpk_1gldOAE515682.jpg'}, {'end': 759.899, 'src': 'embed', 'start': 721.864, 'weight': 1, 'content': [{'end': 729.63, 'text': "So now real quick, we're going to learn how we can use this SSH copy ID command to set up key based authentication here on our second machine.", 'start': 721.864, 'duration': 7.766}, {'end': 734.514, 'text': 'Now this is considered a way easier approach than the one that I showed you how to do manually.', 'start': 730.011, 'duration': 4.503}, {'end': 738.918, 'text': 'But for some of you, you may not have access to this SSH copy ID command.', 'start': 734.834, 'duration': 4.084}, {'end': 744.382, 'text': "So I wanted to show the way that would work for everyone first and then this easier method if it's available to you.", 'start': 739.198, 'duration': 5.184}, {'end': 749.908, 'text': "So if you're on Linux, then you should already have SSH copy ID as a command.", 'start': 744.782, 'duration': 5.126}, {'end': 754.813, 'text': "But if you're on Mac, then you can install this by using Homebrew.", 'start': 750.168, 'duration': 4.645}, {'end': 759.899, 'text': "And if you don't know what Homebrew is, basically it's just a package manager for the Mac.", 'start': 755.174, 'duration': 4.725}], 'summary': 'Learn to use ssh copy id for key-based authentication on linux and install it via homebrew on mac.', 'duration': 38.035, 'max_score': 721.864, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/vpk_1gldOAE/pics/vpk_1gldOAE721864.jpg'}, {'end': 837.666, 'src': 'heatmap', 'start': 795.433, 'weight': 0.77, 'content': [{'end': 804.285, 'text': 'So this is as simple as just typing the command ssh-copy-id and then the machine that we want to log into.', 'start': 795.433, 'duration': 8.852}, {'end': 806.388, 'text': 'So our username and 192.168.56 and this one is 101.', 'start': 804.406, 'duration': 1.982}, {'end': 808.051, 'text': "So let's go ahead and run that.", 'start': 806.388, 'duration': 1.663}, {'end': 818.559, 'text': 'Now, even without specifying the key, that command should find our ID RSA public key for us.', 'start': 812.937, 'duration': 5.622}, {'end': 821.8, 'text': 'And when it does, it will ask us for the password to our remote machine.', 'start': 818.939, 'duration': 2.861}, {'end': 824.161, 'text': "So I'll go ahead and type in that password.", 'start': 822.12, 'duration': 2.041}, {'end': 828.842, 'text': "And once that's finished, let's go ahead and try to SSH into that machine now.", 'start': 824.721, 'duration': 4.121}, {'end': 836.385, 'text': "So let's do an SSH, coreyms at 192.168.", 'start': 829.142, 'duration': 7.243}, {'end': 837.666, 'text': 'Okay, so that looked like it worked.', 'start': 836.385, 'duration': 1.281}], 'summary': 'Demonstrating ssh-copy-id command for logging into a remote machine successfully.', 'duration': 42.233, 'max_score': 795.433, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/vpk_1gldOAE/pics/vpk_1gldOAE795433.jpg'}], 'start': 464.117, 'title': 'Ssh key-based authentication', 'summary': 'Explains setting up ssh key authentication, setting folder permissions to 700 and files within the folder to 600, and turning off password authentication in the ssh configuration to maximize security. it also demonstrates setting up key-based authentication for ssh, showcasing manual method and ssh copy id command, available on linux and installable on mac using homebrew, simplifying the process and enhancing security.', 'chapters': [{'end': 664.064, 'start': 464.117, 'title': 'Setting up ssh key authentication and maximizing security', 'summary': 'Explains setting up ssh key authentication, setting folder permissions to 700 and files within the folder to 600, and turning off password authentication in the ssh configuration file to maximize security.', 'duration': 199.947, 'highlights': ["Setting SSH folder to 700 and files within the folder to 600 using 'chmod' command to enable SSH key-based authentication.", 'Successfully SSH-ing into the machine without a password after setting up key-based authentication.', "Turning off password authentication in the SSH configuration file by editing 'sshd_config' file and setting 'PasswordAuthentication' to 'no'."]}, {'end': 932.497, 'start': 664.765, 'title': 'Setting up ssh key-based authentication', 'summary': 'Demonstrates how to set up key-based authentication for ssh, showing both the manual method and the easier ssh copy id command, which is available on linux and can be installed on mac using homebrew. it highlights the steps involved in using ssh copy id, simplifying the process and enhancing security.', 'duration': 267.732, 'highlights': ['The SSH copy ID command simplifies the process of setting up key-based authentication, providing a more convenient and secure method compared to manual configuration.', 'SSH copy ID is available by default on Linux, and can be installed on Mac using Homebrew, making it accessible to a wide range of users.', 'Using SSH copy ID eliminates the need to manually create an SSH folder, copy keys, or adjust permissions, streamlining the authentication setup process.', 'After running the SSH copy ID command, the remote machine automatically creates the necessary .ssh folder, sets the correct permissions, and adds the public key to the authorized_keys file, automating several key steps in the process.', 'Key-based authentication provides enhanced security compared to regular passwords and offers convenience when running scripts that connect to machines.']}], 'duration': 468.38, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/vpk_1gldOAE/pics/vpk_1gldOAE464117.jpg', 'highlights': ['Setting up key-based authentication for SSH enhances security and eliminates the need for passwords.', 'SSH copy ID simplifies the authentication setup process and automates several key steps.', 'Turning off password authentication in the SSH configuration file maximizes security.', "Setting SSH folder to 700 and files within the folder to 600 using 'chmod' command enables key-based authentication.", 'SSH copy ID is available by default on Linux and can be installed on Mac using Homebrew, making it accessible to a wide range of users.']}], 'highlights': ['Setting up key-based authentication for SSH enhances security and eliminates the need for passwords.', 'SSH copy ID simplifies the authentication setup process and automates several key steps.', 'The process involves creating a private key on the local machine and a public key on the remote machine for secure logins.', 'Emphasize the importance of placing the public key on the machine being accessed and the private key on the local machine as a memory aid.', 'The chapter explains the process of generating SSH keys, including the option to use a 4096-bit RSA key instead of the default 2048-bit, to increase security.', 'The process of using the scp command to transfer the public key to a remote machine is detailed, providing a secure way to copy files over SSH.', 'Turning off password authentication in the SSH configuration file maximizes security.', "Setting SSH folder to 700 and files within the folder to 600 using 'chmod' command enables key-based authentication.", 'SSH copy ID is available by default on Linux and can be installed on Mac using Homebrew, making it accessible to a wide range of users.']}