Hacking Tutorial — How To SSH To A Remote System With A Found Private Key
There comes a time in every hacker’s career when they realize that they don’t remember how to connect to a remote system through an SSH private key. Yes, it happened to me too!
Maybe you’re in the middle of a CTF and you found a private key. Maybe you’re a sys admin that has just set up a new RHEL server and you’re racking your brain on what switches to use. Doesn’t matter, here’s a short tutorial/refresher.
We’re going to use the ShellDredd Hannah vulnerable VM to demonstrate. I already ran a netdiscover and an Nmap scan on this box. It has anonymous FTP open.
Now that I’m connected, I do an ls -la and find the .hannah directory.
I navigate to the directory and find an id_rsa file.
I use the get command to bring the key over to my host system.
The file is now in my home directory.
I run cat on the file and see that it is actually a private key.
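Now we need to restrict the key file’s permissions. ssh ignores a private key that other users can read, so with looser permissions we would be prompted for a password instead.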
chmod 600 id_rsa
Now we are ready to connect.
ssh hannah@192.168.1.108 -i id_rsa -p 61000
The command is pretty self-explanatory, but I’ll go through it. You put the username and the IP first, then use the -i flag to point to the key file. The -p flag is only needed when you are connecting to a non-standard port; on this box SSH is listening on 61000.
Run the command and you should be connected! Until next time!
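Seen from the server owner's side, the walkthrough above works because a private key sat in a directory served over anonymous FTP. The script below is an added example, not part of the original tutorial: it lists private keys under a directory and applies the same group/other permission test that makes the chmod 600 step necessary. The function names and the pub/backup.pem sample file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): list private keys under a
# directory that untrusted users can reach, e.g. an anonymous FTP root.

# Succeeds if FILE starts with a PEM/OpenSSH private-key header line.
is_private_key() {
    head -n 1 "$1" 2>/dev/null |
        grep -Eq '^-----BEGIN ([A-Z]+ )?PRIVATE KEY-----'
}

# Succeeds if FILE has no group/other permission bits set. OpenSSH applies
# this condition to an identity file and ignores the key when it fails.
mode_is_private() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Print one line per private key found under DIR with its exposure level.
# -size -128 skips files of 64 KiB or more (find counts 512-byte blocks).
audit_keys() {
    find "$1" -type f -size -128 -print | while IFS= read -r f; do
        is_private_key "$f" || continue
        if mode_is_private "$f"; then
            printf 'owner-only\t%s\n' "$f"
        else
            printf 'group/other\t%s\n' "$f"
        fi
    done
}

# Constructed sample tree: header lines only, no real key material.
make_sample() {
    d=$(mktemp -d) || return 1
    mkdir "$d/.hannah" "$d/pub"
    printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' 'constructed' > "$d/.hannah/id_rsa"
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'constructed' > "$d/pub/backup.pem"
    printf '%s\n' 'ssh-rsa constructed user@host' > "$d/.hannah/id_rsa.pub"
    chmod 644 "$d/.hannah/id_rsa" "$d/.hannah/id_rsa.pub"
    chmod 600 "$d/pub/backup.pem"
    printf '%s\n' "$d"
}

# With an argument, audit that directory; otherwise audit the sample tree.
if [ $# -gt 0 ]; then
    audit_keys "$1"
else
    sample=$(make_sample) && audit_keys "$sample" && rm -rf "$sample"
fi
```

Every line it prints is a key that should be removed from the share and rotated; the first column only tells you whether other local accounts could read it as well.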