If you need to log in to multiple Linux machines, typing a password on each one is tedious and time-consuming. SSH key-based authentication is a safer and more convenient way to connect to multiple Linux machines.
SSH is a secure shell protocol that allows you to connect to Linux machines securely and remotely.
This tutorial will teach you how to connect two Linux machines using SSH keys. Let’s get started.
Table of Content
- What is SSH?
- What are ssh keys?
- SSH Key generation using ssh keygen
- How to Connect one instance to another remote AWS EC2 instance
- Listing Linux SSH commands
Prerequisites
- An Ubuntu 18.0.4 machine, preferably; if you don’t have one, you can create an EC2 instance in an AWS account
- It is recommended to have 4GB RAM
- At least 5GB of drive space
You may incur a small charge for creating an EC2 instance on Amazon Managed Web Service.
What is SSH?
SSH is a secure shell protocol for connecting to Linux machines securely and remotely. When you connect to a remote machine, you log in with an account that already exists on it and are connected to a shell session, which is a text-based interface.
To connect from one machine to another over SSH, the source machine must have an SSH client installed, and the SSH daemon must be running on the remote machine.
There are two ways to connect to a remote machine from a source machine:
- By using a username/password, which is the less safe method
- By using the SSH authentication method with SSH keys, which is secure.
What are ssh keys?
SSH keys are a matching pair of cryptographic keys used for authentication: one is the private key, which is never shared with anyone and is kept for your own logins, and the other is the public key, which can be shared.
SSH Key generation using ssh keygen
Now that you have a basic idea about SSH and SSH keys, let’s dive in and learn how to create SSH keys using the ssh-keygen command. Generating a new SSH key pair is straightforward; ssh-keygen uses cryptographic algorithms such as RSA (most widely used), DSA, and ECDSA.
- To generate the SSH keys, run the ssh-keygen command as shown below. After you execute the command, two keys are generated: one is the private key and the other is the public key.
- Next, the command prompts you for the directory in which to save the keys. For now, accept all the default values and continue.
- Both keys (private and public) are generated under ~/.ssh with the following names: id_rsa, which is the private key, and id_rsa.pub, which is the public key.
- Next, copy the Public Key to another remote machine by using ssh-copy-id command.
If you get Permission denied (publickey) while running ssh-copy-id ubuntu@remotemachine, then on the remote node edit the /etc/ssh/sshd_config file, update PasswordAuthentication from no to yes, and restart the service using the sudo systemctl restart sshd command. Once the key has been copied, set PasswordAuthentication back to no, as described in the command list at the end of this tutorial.
- After the ssh-copy-id command has executed successfully, the public key will have been copied into the ~/.ssh/authorized_keys file on the remote machine.
Note: If you wish to copy the public key without the ssh-copy-id command, use the cat ~/.ssh/id_rsa.pub | ssh ubuntu@remotemachine "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys" command directly.
- Finally, try logging into remote machine without password using the below command.
As you can see below, you can connect to the remote machine using SSH Keys.
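The manual copy in the note above appends the key every time it is run and does not set permissions. The following added example (not code from the original tutorial) shows the state that step should leave on the remote account; install_pubkey is a hypothetical helper name, and the key line in the demo is constructed and non-functional.

```shell
#!/bin/sh
# Added example. Client side, as in the steps above (flags are real ssh-keygen options):
#   ssh-keygen -t rsa -b 4096          # writes ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub
#   ssh-copy-id ubuntu@remotemachine   # or pipe id_rsa.pub to the function below
#
# install_pubkey PUBKEY_FILE [HOME_DIR]   (hypothetical helper, run on the remote account)
install_pubkey() (
    pub=$1
    home=${2:-$HOME}
    # Pasting id_rsa instead of id_rsa.pub is a common slip: refuse private keys.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "refusing: $pub looks like a private key" >&2
        exit 2
    fi
    key=$(head -n 1 "$pub")
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "refusing: unrecognised public key format" >&2; exit 2 ;;
    esac
    # sshd's StrictModes rejects keys when these paths are writable by others.
    umask 077
    mkdir -p "$home/.ssh" && chmod 700 "$home/.ssh"
    auth=$home/.ssh/authorized_keys
    touch "$auth" && chmod 600 "$auth"
    # Idempotent: append only if this exact line is not already present.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
)

# Demo against a throwaway directory with a constructed (non-functional) key line.
demo_home=$(mktemp -d)
printf '%s\n' 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedExampleOnly demo@source' \
    > "$demo_home/id_demo.pub"
install_pubkey "$demo_home/id_demo.pub" "$demo_home"
install_pubkey "$demo_home/id_demo.pub" "$demo_home"   # second run adds nothing
wc -l < "$demo_home/.ssh/authorized_keys"
ls -ld "$demo_home/.ssh" "$demo_home/.ssh/authorized_keys"
rm -rf "$demo_home"
```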
How to Connect one instance to another remote AWS EC2 instance
In the previous section, you learned how to generate keys on a Linux machine and connect two Linux machines. As cloud platforms such as AWS evolve, people increasingly use Linux machines hosted on AWS or Azure.
In this section, learn how to connect one instance to another remote AWS EC2 instance. To do that, follow the below steps:
Make sure both AWS EC2 instances have the same key pair attached.
- Firstly, create a new key pair named newly from the EC2 dashboard as shown below.
- Now, download the newly key that you just created in pem format.
- Next, launch two public AWS EC2 instances from the AWS console, named source instance and remote instance, with the same key pair ("newly").
- IP address of source machine: 10.111.4.53
- IP address of destination machine: 10.111.4.18
- Now, convert newly.pem into newly.ppk using puttygen tool which you will use to log in to source and remote machine.
- Log in to source machine using your favorite SSH client by providing Public IP address and newly.ppk key.
- Further, inside the source machine’s home directory create a file named awskeypair as shown below.
- Paste the content of newly.pem key from your local machine to awskeypair file in the home directory of source machine as shown below.
- Now set the permissions of awskeypair file in home directory to 600 on the source machine with below command.
chmod 600 awskeypair
Now that you have set up your source AWS EC2 instance properly let’s connect to the remote AWS EC2 instance using the below ssh command.
ssh -i awskeypair ubuntu@10.111.4.18
As you can see below source AWS EC2 instance can connect to the remote machine using SSH Keys.
Listing Linux SSH commands
In this section, let’s quickly revise and learn important Linux SSH commands that one should know.
- To connect to remote linux machine.
- To connect to remote server with different user
- To run a command on remote server.
ssh user@remote_machine command_to_run
- To connect to a remote machine on a non-standard port (other than 22)
ssh -p port_number user@remote_machine
- How to disable password authentication on a Linux machine.
Firstly, modify the /etc/ssh/sshd_config file, update PasswordAuthentication to no, and run the below command.
service ssh restart
- How to change the SSH Port on the linux machine.
Firstly, edit the ssh file using the below command, comment the Port 22 and add the desired Port number.
Now, execute the below command.
service ssh restart
- How to limit number of users or groups to login to linux machine.
Firstly, edit the ssh file using the below command and look for AllowUsers. Append all the permitted usernames to the AllowUsers line. Similarly, look for AllowGroups and append all the permitted group names to the AllowGroups line.
Now, execute the below command.
service ssh restart
- How to disable Root login on Linux machine.
Firstly, edit the ssh file using the below command, update PermitRootLogin to no, and restart the ssh service.
vi /etc/ssh/sshd_config
service ssh restart
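After making the sshd_config changes listed above, it helps to confirm which value sshd will actually use, because the first occurrence of a keyword wins. This added example (not from the original tutorial) audits a config file for the three settings covered here; the helper names and the sample file are constructed, and Match blocks and Include files are deliberately not evaluated.

```shell
#!/bin/sh
# Added example: check the global section of an sshd_config-style file for the
# settings changed above. For each keyword sshd uses the first value it reads.

# effective_value FILE KEYWORD DEFAULT  (hypothetical helper)
effective_value() {
    awk -v key="$2" -v def="$3" '
        /^[ \t]*#/ || NF == 0 { next }      # skip comments and blank lines
        tolower($1) == "match" { exit }     # global section ends at first Match
        tolower($1) == tolower(key) {       # keywords are case-insensitive
            $1 = ""; sub(/^[ \t]+/, ""); val = $0; found = 1; exit
        }
        END { print (found ? val : def) }
    ' "$1"
}

# audit_sshd_config FILE -> prints findings, returns 1 if any
audit_sshd_config() {
    cfg=$1; rc=0
    # Defaults assumed here are OpenSSH's: password auth on, root key-only.
    pw=$(effective_value "$cfg" PasswordAuthentication yes)
    root=$(effective_value "$cfg" PermitRootLogin prohibit-password)
    allow=$(effective_value "$cfg" AllowUsers "")$(effective_value "$cfg" AllowGroups "")
    [ "$pw" = no ]   || { echo "FINDING PasswordAuthentication is '$pw', expected 'no'"; rc=1; }
    [ "$root" = no ] || { echo "FINDING PermitRootLogin is '$root', expected 'no'"; rc=1; }
    [ -n "$allow" ]  || { echo "FINDING no AllowUsers/AllowGroups in global section"; rc=1; }
    return $rc
}

# Constructed sample: the later "no" is ignored because "yes" comes first.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed example config
Port 2222
PasswordAuthentication yes
PermitRootLogin no
PasswordAuthentication no
EOF
audit_sshd_config "$sample"
echo "exit status: $?"
rm -f "$sample"
```

On a live host, sshd -t validates the file before you restart the service, and sshd -T prints the effective configuration including Match and Include handling.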
In this tutorial, you learned how to generate and use SSH keys to securely log in to remote machines. With SSH keys, you can secure your connections and don’t require entering a password every time you log in to your remote machines.
Now, you know how to generate SSH keys and use them to log in to machines securely; which Linux instance are you planning to access securely?