Configure key-based authentication
IMPORTANT: Before following the steps below, ensure that you have enabled the SSH server (disabled by default) and that your application server is running.
To configure the SSH server to support key-based authentication, follow these steps:
Log in to the server console as the bitnami user.
Create a key pair, consisting of a public and private key, as shown below. Set a long passphrase when prompted.
$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/bitnami/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/bitnami/.ssh/id_rsa. Your public key has been saved in /home/bitnami/.ssh/id_rsa.pub. The key fingerprint is: XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX bitnami@linux
This command should create two files named id_rsa and id_rsa.pub in the /home/bitnami/.ssh directory.
Copy the private key file named id_rsa to a secure location. Do not share this private key file.
Transfer the contents of the public key file to the /home/bitnami/.ssh/authorized_keys file:
$ cd /home/bitnami/.ssh $ cat id_rsa.pub >> /home/bitnami/.ssh/authorized_keys
Edit the /etc/ssh/sshd_config and uncomment (or add if not already present) the following lines:
RSAAuthentication yes PubkeyAuthentication yes
In the same file, disable basic password authentication:
ChallengeResponseAuthentication no PasswordAuthentication no UsePAM no
Restart the SSH server for the new configuration to take effect:
$ sudo /etc/init.d/ssh force-reload
You can now use the private key file to connect to the virtual machine using SSH.