Securely Connecting To Server Without Password Authentication : SSH & SFTP

SSH password authentication is a major security risk to servers because it is susceptible to brute-force attacks and could give anyone unauthorized access to your servers.

For example, in AWS, SSH with a pem key is the default login type for EC2 servers, but Amazon's interface only creates a single user account. In this blog, we will talk about how to set up additional pem keys, which will allow you to log in securely with additional users. This configuration is applicable to non-EC2 servers (either your local server or servers hosted on other public clouds) as well.

On Server :

First, you have to log in to the server using ssh with the default user account and then create a new user :-

Optional : You have to make an entry in the sudoers file if you want to assign root access to this user. Run the following command :-

Add this to the last line of the file opened :-

To generate public and private keys for this user, run the following commands :-

Here, the -b flag stands for the number of bits, -f is for the output key file name and -t defines the key type.

This command will generate two key files named myuser and myuser.pub, where ‘myuser’ is your private key and ‘myuser.pub’ is your public key. The next step is to copy the public key into authorized keys. Run the following commands :-

Change permissions :-
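A check for the state this step is meant to leave behind, as an added example that is not part of the original post: sshd (with StrictModes, on by default) ignores authorized keys that other users can write to, and the ssh client refuses a private key that other users can read. The function name `audit_ssh_dir` is an assumption, and the script needs GNU `stat` (Linux).

```shell
#!/usr/bin/env bash
# Added example: audit the permissions of a user's .ssh directory.
# audit_ssh_dir is a hypothetical helper name; requires GNU stat.
# Usage: audit_ssh_dir /home/myuser/.ssh

# Prints one finding per line; returns 0 when clean, 1 otherwise.
audit_ssh_dir() {
    local dir="$1" bad=0 mode f pub
    if [ ! -d "$dir" ]; then
        echo "MISSING  $dir"
        return 1
    fi

    # A group/world-writable .ssh directory makes sshd skip the keys in it.
    mode=$(stat -c '%a' "$dir")
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "WRITABLE $dir ($mode): chmod 700"
        bad=1
    fi

    # The same rule applies to authorized_keys itself.
    f="$dir/authorized_keys"
    if [ -f "$f" ]; then
        mode=$(stat -c '%a' "$f")
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            echo "WRITABLE $f ($mode): chmod 600"
            bad=1
        fi
    else
        echo "MISSING  $f"
        bad=1
    fi

    # Treat any file with a matching .pub beside it as a private key:
    # it must carry no group or other permission bits at all.
    for pub in "$dir"/*.pub; do
        [ -e "$pub" ] || continue
        f="${pub%.pub}"
        [ -f "$f" ] || continue
        mode=$(stat -c '%a' "$f")
        if [ $(( 0$mode & 077 )) -ne 0 ]; then
            echo "EXPOSED  $f ($mode): chmod 600"
            bad=1
        fi
    done
    return $bad
}
```

Once the private key has been copied to the local system, the key file left behind on the server is still reported if its mode is loose, which is a prompt to delete it there.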

On local system :

You will now have to download or copy the contents of the file “myuser”, which is your private key file, to the local system. We’ve saved this file as myuserprivatekey.pem, but remember that you can rename this file accordingly.

SSH connection to server with the new user :

where 52.48.34.150 is the public IP address of the EC2 instance.

SFTP access to server using FileZilla :

In order to get SFTP access to your EC2 server for secure file transfer, you will first have to convert your private pem file to a ppk file. Here, we will do so by using the ‘puttygen’ tool, for which the package ‘putty-tools’ should be installed on Ubuntu. Run the following command :-

To convert PEM file to PPK :-

where myuserprivatekey.pem is your private pem key file and myuserprivatekey.ppk is the output ppk file.

-o tells it where to write out the converted PuTTY private key. -O private tells it that you want a PuTTY private key (as opposed to the other output formats it can produce).

Now, you simply need to import this file into FileZilla. Select the logon mode “Interactive”, and once you supply the host IP address/name and username, you will be connected to your dedicated server and get access to all the files and directories.
