How SSH password-less key based authentication work in 4 minutes (with example)
How does SSH or secure shell password-less authentication work? this is what we going to learn in this video and stay tuned for a hands-on at the end. If yo...
Hussein Nasser
38.7K views β’ Dec 18, 2020
About this video
How does SSH or secure shell password-less authentication work? this is what we going to learn in this video and stay tuned for a hands-on at the end.
If you have an ssh client you can connect to a machine with an ssh-server by providing the password of the requested user, if the password is correct the server will let you in.
this is however frowned upon because passwords can be guessed, rainbowed or brute forced
That is why we go back to good old public key cryptography for our help, watch my video on encryption here to learn more about symmetric and asymmetric encryption.
The client in this case will generate two keys, public and private key, public key that can be safely shared and private key that should be kept secure
The client then shares its public key with the server to whom it wishes to establish password-less authentication with, this is done through an existing authenticated session of course.
Next time the client wants to connect to the server it will present its public key, the server will look through its authenticated keys list and find that key but that is not enough, the server will encrypt a message using the public key and send it back to the client to prove that it owns the private key. If the client manages to decrypt the message that means it owns the private key and it will let it in.
Thank you so much for watching, subscribe for more and if you want to see how I enable password-less authentication on my raspberrypi you may stay little longer for that.
ssh-keygen -t rsa
ssh-copy-id remote_username@server_ip_address
30 encryption https://youtu.be/Z3FwixsBE94
clear ssh authorized_keys in /home/pi/.ssh
ποΈListen to the Backend Engineering Podcast
https://husseinnasser.com/podcast
π Backend Engineering Videos
https://www.youtube.com/playlist?list=PLQnljOFTspQUNnO4p00ua_C5mKTfldiYT
πΎ Database Engineering Videos
https://www.youtube.com/playlist?list=PLQnljOFTspQXjD0HOzN7P2tgzu7scWpl2
π° Load Balancing and Proxies Videos
https://www.youtube.com/playlist?list=PLQnljOFTspQVMeBmWI2AhxULWEeo7AaMC
ποΈ Software Archtiecture Videos
https://www.youtube.com/playlist?list=PLQnljOFTspQXNP6mQchJVP3S-3oKGEuw9
π© Messaging Systems
https://www.youtube.com/playlist?list=PLQnljOFTspQVcumYRWE2w9kVxxIXy_AMo
Become a Member
https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join
Support me on PayPal
https://bit.ly/33ENps4
Stay Awesome,
Hussein
If you have an ssh client you can connect to a machine with an ssh-server by providing the password of the requested user, if the password is correct the server will let you in.
this is however frowned upon because passwords can be guessed, rainbowed or brute forced
That is why we go back to good old public key cryptography for our help, watch my video on encryption here to learn more about symmetric and asymmetric encryption.
The client in this case will generate two keys, public and private key, public key that can be safely shared and private key that should be kept secure
The client then shares its public key with the server to whom it wishes to establish password-less authentication with, this is done through an existing authenticated session of course.
Next time the client wants to connect to the server it will present its public key, the server will look through its authenticated keys list and find that key but that is not enough, the server will encrypt a message using the public key and send it back to the client to prove that it owns the private key. If the client manages to decrypt the message that means it owns the private key and it will let it in.
Thank you so much for watching, subscribe for more and if you want to see how I enable password-less authentication on my raspberrypi you may stay little longer for that.
ssh-keygen -t rsa
ssh-copy-id remote_username@server_ip_address
30 encryption https://youtu.be/Z3FwixsBE94
clear ssh authorized_keys in /home/pi/.ssh
ποΈListen to the Backend Engineering Podcast
https://husseinnasser.com/podcast
π Backend Engineering Videos
https://www.youtube.com/playlist?list=PLQnljOFTspQUNnO4p00ua_C5mKTfldiYT
πΎ Database Engineering Videos
https://www.youtube.com/playlist?list=PLQnljOFTspQXjD0HOzN7P2tgzu7scWpl2
π° Load Balancing and Proxies Videos
https://www.youtube.com/playlist?list=PLQnljOFTspQVMeBmWI2AhxULWEeo7AaMC
ποΈ Software Archtiecture Videos
https://www.youtube.com/playlist?list=PLQnljOFTspQXNP6mQchJVP3S-3oKGEuw9
π© Messaging Systems
https://www.youtube.com/playlist?list=PLQnljOFTspQVcumYRWE2w9kVxxIXy_AMo
Become a Member
https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join
Support me on PayPal
https://bit.ly/33ENps4
Stay Awesome,
Hussein
Tags and Topics
Browse our collection to discover more content in these categories.
Video Information
Views
38.7K
Likes
988
Duration
3:53
Published
Dec 18, 2020
User Reviews
4.7
(7) Related Trending Topics
LIVE TRENDSRelated trending topics. Click any trend to explore more videos.