# Change from SSH Password-Based authentication to SSH Key-Based authentication



## Aknot (May 15, 2021)

Hi,

I want to move from password based authentication to key based authentication in SSH, and some questions arise.

I tested to generate a public and private keys in Windows, with cmd prompt and with puttygen.
I'm want to use a password for my public key (if this is important for my questions).

1. Why am I getting two different formats of the private key, does it matter which one i use?

*Example of generated key in cmd prompt*
_(This one IS using my name at the end)_


```
ssh-rsa AAAAB3NzaC1yc2EAAAADddddsdfserDeqjjBgAXYrTGdqCj6HkgYI0C0437QFZxLfJv3f/9vM4Kla5CcalzQnkBp8CmV4lXXF++xz0IxdAE06GVmAAvZNFX2USSKb1WdK+8u0CJ7B4bJn598N3HfbBt15HtbuWGPz6nF7rtwk01kV2VDJgvpdWdD/wqasdfdffat2WMgWvTKbhWM99Wz10IHSASJDQoradlkZ0JePkvFhVStT2rPEvjyYwVfMVBk8ioQnLoiH0OKSnLzSEUasdafdsaadfw333QdXQLhur/fLEehA5byztJbUQrojgGe6+tOpEAOibNf0+xRQY8XYTNg42RhEmnkTEW97lXL35v84dTJ1kitMNHKBJaWzqVyLB3HLGG+ASDasdsvTvljo0i6Rpsj/gci0gzZJseI33mB1BGRFFra+jBGUaPUzdafVGTL3d2402u3xcjqqbOUQYaOhqwjG6nmH0PPQksAbOWz2z7dRoXCx04CxlhmpuzGX3LxNucNQGE= per andersson@PERANDERSSON
```

*Generated in puttygen*
_(This one IS NOT using my name at the end)_


```
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "rsa-key-20210515"
AAAAB3NzaC1yc2EAAAABJQAAAQEA4ccdRMj8Kh1G7HRXeVf+/4pFNxnttvDsSi7A
UZJkOxgc3CApTpY+xaAAADEVrxMEXLUTOeyt59d9jWqyUKwlFBAlTMpVySuppx5f
LHRnZKFla3cjBnCnUsiLKg6s3asddfew34Lkj8wQIw9Zy8psHCmAmw0k/zWsgTty
myVeeC/pwz9zh4CIzUg7me4UYjWKWV16Y8+3HyyURy6ni88dAFzeT+SoAJ7pdO0+
9lXA//q23O5hq9D56ROU/19/hm7MBXqZ56xTt4+h+qVE3vTyzzi07xkgZtYXDweR
YuQ/C5wm/icMvWWRVg2BsAwrMEJ6pFMijApY5dssygZYdFutLw==
---- END SSH2 PUBLIC KEY ----
```

2. When moving the key into `~/.ssh/authorized_keys` - must the key string be on one single line without any line breaks or new lines?

3. Can I use use password and key based authentication simultaneous when setting this up? I'm afraid to lock my self out.

4. Does SFTP work in SSH when disabling password authentication `ChallengeResponseAuthentication no` in `sshd_config`?

Thank you,


----------



## SirDice (May 15, 2021)

Aknot said:


> 1. Why am I getting two different formats of the private key, does it matter which one i use?


Yes. For ~/.ssh/authorized_keys use the one that's all on a single line. Not the one with `BEGIN SSH2`.



Aknot said:


> Can I use use password and key based authentication simultaneous when setting this up?


Yes. There is no need to modify sshd_config, everything is already set up for public key and/or password authentication.


----------



## mtu (May 15, 2021)

Aknot said:


> 3. Can I use use password and key based authentication simultaneous when setting this up? I'm afraid to lock my self out.


Take a look at ssh-copy-id(1), it does most of the job for you.

If your public key is in the default location (~/.ssh/id_*.pub) and you run `ssh-copy-id somehost`, then it will:

log you in to `somehost` (asking for the password if needed),
read your public key from its location,
copy that key into ~/.ssh/authorized_keys on`somehost`.


----------



## zirias@ (May 15, 2021)

Just one thing to consider in general: While only allowing keys gives you the best possible security (given you don't "lose" your private key), it has a downside. That's simply the requirement to actually carry your private key with you to be able to do anything.

IMHO, this doesn't play well with Murphy's Law  At least, I had situations where I really needed to quickly fix something on my server, from an "internet-cafe" in Casablanca, and using my phone in some WiFi on Mallorca. It happens  If you use reasonably strong passwords, the security level should still be acceptable and all you need for access is right there in your head.

So, I won't say "don't", just giving something to think about before you do. There are always tradeoffs with any decision


----------



## mtu (May 15, 2021)

That's true, it's important to keep your private key safe. Personally, I'd only keep private keys on encrypted drives, _or_ use private keys with a passphrase where that's not possible.

So, a mixed strategy for a password-less sshd could be: on your main machines with encrypted drives, you've got your 'regular' private keys. On unencrypted and/or mobile devices, you've got your 'travel' keys that require a passphrase. When you lose/invalidate one of those, the other can still continue to work.

But Zirias is right, of course: when you've got no device with you, and no way to get to your private key, you're hosed, and cannot access a password-less sshd.


----------



## zirias@ (May 15, 2021)

mtu said:


> So, a mixed strategy for a password-less sshd could be: on your main machines with encrypted drives, you've got your 'regular' private keys. On unencrypted and/or mobile devices, you've got your 'travel' keys that require a passphrase. When you lose/invalidate one of those, the other can still continue to work.


That makes sense. As a possible alternative, you can use only passphrase-protected keys, but use ssh-agent(1) (putty provides a similar tool for Windows) so you only have to unlock them once per session.


----------



## ccammack (May 15, 2021)

I like to use both command line `ssh`and PuTTY-aware tools like `WinSCP` to connect from Windows 8 to remote machines, so I _always generate the keys on the command line_ using a Windows port of `ssh-keygen`, which it sounds like you have already done, _then convert the private key into a PuTTY-format version_ using the PuTTY Key Generator (`puttygen.exe`) and save it as putty.ppk.

You'll end up with 3 files representing a single key pair for the Windows client machine:

id_rsa.pub (public key to be copied to each remote server)
id_rsa (private key representing this Windows client machine)
putty.ppk (same private key in PuTTY format)

If available, use `ssh-copy-id` to copy the public key to each remote server. If not, you can use `cat` and `ssh`itself to do the copy and set up the authorized_keys file. (_Before doing this, I would log in manually and back it up first if it already exists_):

`cat ".ssh\id_rsa.pub" | ssh -t user@server "mkdir -p ~/.ssh && cat - >> ~/.ssh/authorized_keys && echo >> ~/.ssh/authorized_keys && chmod 700 ~/.ssh && chmod 600 ~/.ssh/authorized_keys"`

For PuTTY-related things like `WinSCP`, first run Pageant (`pageant.exe`) and select the putty.ppk file. If your security allows it, you can create a shortcut in the Startup folder to run it when Windows boots: `"C:\Program Files\PuTTY\pageant.exe" "C:\Users\user\.ssh\putty.ppk"`

For command-line SSH, first run `ssh-agent` and `ssh-add` with the id_rsa file instead.


----------



## tingo (May 15, 2021)

FWIW, many (most?) desktop environments today are setup so that ssh-agent is running when you are logged in. Then all you need to do is run ssh-add(1) once, to add you ssh key(s) to the agent. (Yes, I'm assuming that you run your desktop on a real operating system, like FreeBSD.)


----------



## gpw928 (May 15, 2021)

As Bruce Schneier said in CRYPTO-GRAM, April 15, 2005, "For anything that requires reasonable security, the era of passwords is over.".

Some of my hosts face the Internet.  I only allow key based login, and always append this to /etc/ssh/sshd_config:
	
	



```
# We need to allow root login for rsnapshot backup server
PermitRootLogin prohibit-password
# We want login via ssh with keys only...
PubkeyAuthentication yes
PasswordAuthentication no
ChallengeResponseAuthentication no
```
If you use a keychain when logged in, you only have to unlock your private key once.


----------



## Phishfry (May 15, 2021)

I use ssh keys with Linode. 
Personally I think RSA is crap and has been infiltrated. Not safe.

Use ed25519 instead.





						Curve25519 - Wikipedia
					






					en.wikipedia.org
				



`ssh-keygen -t ed25519`


----------



## gpw928 (May 16, 2021)

Phishfry said:


> Personally I think RSA is crap and has been infiltrated. Not safe.
> 
> Use ed25519 instead.


I won't argue with that advice, but I think that RSA has been maligned.  There's plenty of erudite defence for RSA.


----------



## Phishfry (May 16, 2021)

Well I use online banking and it relies on RSA signed certs. So there is that.
Look at our forums LetsEncrypt cert signing.
"PKCS #1 SHA-256 With RSA Encryption"

I have no choice in the algorithms used in these handshakes with my browser.
But for server to client SSH key checking you have a choice. Without a noticeable performance hit.


----------



## tux2bsd (May 16, 2021)

ed25519 all the way


----------



## Aknot (May 16, 2021)

Thank you everyone for sharing your knowledge and experience. None of my friends share my interests, so I'm very grateful having you people here to ask. The FreeBSD community is really awesome.


----------

