Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>

Mikrotik – RouterOS SSH Public Key Authentication

If you intent to make use of a RSA key make sure you are running Routeros 6.31 version or above, otherwise you may receive an error like this one unable to load key file (incorrect passphrase?) !. If the installation needs to be update then refer to this post on How to Upgrade RouterOS from the Command Line. NOte: you need access to a Linux system to generate the private and public key pair.

Key Generation

Use the ssh-keygen command to generate an RSA key pair. This step is almost automated for you just wait.

[email protected]:~$ ssh-keygen -t rsa

You can view the key pair in their respective directory. Remember: id_rsa.pub is meant to be public and will be the file we upload to the remote system.

[email protected]:~/scripts $ ls ~/.ssh
authorized_keys  id_rsa  id_rsa.pub  known_hosts

The key pair will reside in the ~/.ssh found in the users home directory. Use SCP to copy the public key pair from the Linux system over to the Mikrotik RouterOS system just change the IP address to that of your router.

[email protected]:~$ scp ~/.ssh/id_rsa.pub [email protected]:id_rsa.pub 

Now log-in to RouterOS and import id_rsa.pub key we just uploaded. I’m importing a key for the user admin you can change this to the of any other user.

RouterOS Key Import

[[email protected]] > /user ssh-keys import public-key-file=id_rsa.pub user=admin

Let’s view the user new SSH key.

[[email protected]] > /user ssh-keys print
Flags: R - RSA, D - DSA
 #   USER                       BITS KEY-OWNER
 0 R admin                      2048

New Key Test

Using an SSH client with the new private SSH key attempt to log-in to RouterOS, if successful you shouldn’t be prompted for a password.

ssh-login



This post first appeared on Linhost.info - Notes And More Notes., please read the originial post: here

Share the post

Mikrotik – RouterOS SSH Public Key Authentication

×

Subscribe to Linhost.info - Notes And More Notes.

Get updates delivered right to your inbox!

Thank you for your subscription

×