SSH keys are an easy and extremely secure way of logging into your server. This is a better alternative than a simple plain password.
The SSH authentication works using two cryptographically secure keys to authenticate a client to an SSH server.
To generate an SSH key pair you can use ssh-keygen, a tiny tool already included in each Linux distribution.
In a terminal, you’ll have to type:
And it will output the next message where you can use other path for the main key:
Generating public/private rsa key pair. Enter file in which to save the key (/home/username/.ssh/id_rsa):
The main key is called
id_rsa and the public one will be
id_rsa.pub. By default, the keys will be stored in the
/home/username/.ssh/id_rsa already exists. Overwrite (y/n)?
If the above message will be prompted, it means that you already have a generated key. If you’ll replace it, you will not be able to authenticate using the previous key anymore.
You will be prompted to use a passphrase for the key. If you don’t need better encryption, you can press enter. It is an optional step.
Your identification has been saved in /home/username/.ssh/id_rsa. Your public key has been saved in /home/username/.ssh/id_rsa.pub. The key fingerprint is: a9:49:2e:2a:5e:33:3e:a9:de:4e:77:11:58:b6:90:26 username@remote_host The key's randomart image is: +--[ RSA 2048]----+ | ..o | | E o= . | | o. o | | .. | | ..S | | o o. | | =o.+. | |. =++.. | |o=++. | +-----------------+
Now you are almost done.
Connect to your server using SSH and add the content from your local
~/.ssh/authorized_keys on your remote machine.
To view the content of your local
id_rsa.pub use the Linux command
The key will look like a long string:
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAmLmwkzQDjEOW1Rj3TP5NldVDqUODVH9xuYrkeaSkxtdP J8D9Hz+XAWnJDAdaIkCVOw2YEfHKWSo6befgNxiS+AKS+S+wM/bJpc4qOLe5ozFjZPNRHcw5O8WkgP5g /wg2BOvxBqSKpsSzvi4rYVRLtl7TLVMyajhELiJ9GqT8f25gr3jFmtuQQIkRES1aC4oL2tHsn529POfP 1lPhh5tb2FbqEpm9L3779ljjkSX8Ba4zza3zUckkuAIb5R7KSOrvPnJaEU903hrI0tx5omGyDy+h/2D1 h0aqHanPcU9Ml91ZpMKdpa0+FeVgs2M3LHYTNnvZ76ScV2VtUQwm3YEvjw== demo@techwetrust
Now, copy its content and paste it at on a new line in the following file
You can use
nano editor or
nano ~/.ssh/authorized_keys vim ~/.ssh/authorized_keys
You’ll have to reconnect to your server using the same process with ssh:
If you followed each step, the ssh authentication was without using the plain password.
Now you have SSH key-base authentication configured and running on your server.