Configure the SSH server and client

perform the following tasks to configure the ssh server and client extract the ssh client public key from the zip file convert the ssh client public key file from der to pem format configure the ssh client public key on the ssh server and disable non key based authentication modes extract the public key perform the following steps to extract the ssh client public key from the zip file log in to the ssh server machine as the user you plan to connect with from the ssh client machine open a terminal session and go to the location of the ssh client public key zip file exported from the {{ch}} run the following command to extract the ssh client public key from the zip file, modifying the file name to match the actual name of your file unzip archive171924 zip you should see the following output archive archive171924 zip extracting ssh pub the ssh pub file is in der format, meaning the public key is binary encoded convert the public key file this section uses openssl to convert the ssh pub file from der to pem format pem is a method of encoding binary data as a string (also known as ascii armor) perform the following steps to convert the ssh client public key file from der to pem format run the following openssl command to convert the public key exported from the {{ch}} in der format to pem format (as required for the ssh keygen command in the next section) openssl rsa inform der outform pem in ssh pub out ssh pubkey pem pubin configure the public key perform the following steps to configure the ssh client public key on the ssh server and disable non key based modes of authentication ssh requires a specific format for the public keys used within an ssh session run the following ssh keygen command to convert the ssh pubkey pem file from the previous command to the required ssh public key format and add it to the / ssh/authorized keys file ssh keygen f ssh pubkey pem i m pkcs8 >> / ssh/authorized keys run the following command to open the ssh daemon configuration file editing this file requires sudo privileges sudo vim /etc/ssh/sshd config inside the file, confirm the following directive is present pubkeyauthentication yes optionally, you can also set the following directives to make the ssh daemon only respond to ssh keys passwordauthentication no challengeresponseauthentication no save and close the file when finished to implement these changes, restart the ssh service on ubuntu or debian machines, run the following command sudo systemctl restart sshd on centos or fedora machines, run the following command sudo service sshd restart