[HOW-TO] Use SSH for Server Authentication

Option #1 - Manual Configuration

Generating a new SSH Key Pair

  1. Run ssh-keygen -t rsa -b 4096
  2. When prompted, enter a passphrase
  3. SSH keys should be stored in ~/.ssh/

Importing Public Key to Remote Machine

  1. SSH into remote server, with username + password
  2. cd into your /home directory, and mkdir .ssh
  3. Copy public key from local to remote machine scp ~/.ssh/my_key.pub user@
  4. Append SSH public key to authorized hosts file cat ~/.ssh/my_key.pub >> ~/.ssh/authorized_keys
  5. Set permissions to .ssh directory (read, write, execute) and files (read, write) chmod 700 ~/.ssh/ && chmod 600 ~/.ssh/*

Disable Password Authentication

  1. Make a backup of the sshdconfig file, before modifying it `sudo cp /etc/ssh/sshdconfig.backup`
  2. Turn off password authentication
    • sudo vim /etc/ssh/sshd_config
    • Find #PasswordAuthentication yes and replace with PasswordAuthentication no
    • Save and exit
  3. Restart SSH service sudo service ssh restart

Option #2 - SSH Copy ID Command

After generating an SSH key pair, simple run ssh-copy-id user@
This adds your public key to the .ssh/authorized_keys file on the remote server

Further Links

You'll only receive email when Alicia Sykes publishes a new post

More from Alicia Sykes