How to Generate and Use SSH Keys on Linux

Why Use SSH Keys?

  • SSH keys provide a secure way to access remote servers without using passwords. They consist of a pair of cryptographic keys: a public key and a private key. The public key is placed on the server you want to connect to, while the private key remains on your local machine. When you attempt to connect to the server, the keys are used to authenticate your identity, ensuring secure and password-less login.

Generating SSH Key Pair

To generate an SSH key pair, use the following command:

ssh-keygen -t rsa

Explanation:

  • ssh-keygen: Command to generate the SSH key.
  • -t rsa: Specifies the type of key to create, in this case, RSA.

You will be prompted to enter a file in which to save the key. Press Enter to accept the default path (~/.ssh/id_rsa) or specify a different path if desired.

Enter file in which to save the key (/home/yourusername/.ssh/id_rsa): [Press enter]

Set a Passphrase (Optional):

You can add an extra layer of security by setting a passphrase, which encrypts the private key file on disk so that a copied key file cannot be used without it. This is optional but recommended.

Enter passphrase (empty for no passphrase): [Type a passphrase]
Enter same passphrase again: [Repeat the passphrase]

How to Use SSH Keys

Copy the Public Key to the Remote Server:

To allow the remote server to recognize your public key, use the ssh-copy-id command. This will copy your public key to the remote server and add it to the ~/.ssh/authorized_keys file.

ssh-copy-id user@remote_host

Explanation:

  • ssh-copy-id: Copies your public key to the remote server.
  • user@remote_host: Replace user with your username and remote_host with the hostname or IP address of your remote server.

Test SSH Connection:

After copying the public key, you can test the connection to ensure everything is set up correctly. Use the ssh command to connect to the remote server.

ssh user@remote_host

Explanation:

  • ssh: Command to connect to a remote server using SSH.
  • user@remote_host: Replace user with your username and remote_host with the hostname or IP address of your remote server.

How to Add a Public Key Manually to the Remote Server

If you prefer, you can manually add your public key to the remote server.

Display Your Public Key:

On your local machine, display the contents of your public key file:

cat ~/.ssh/id_rsa.pub

Now copy the entire output of the above command.

Connect to the Remote Server:

Use the ssh command to connect to your remote server:

ssh user@remote_host

Note: Replace user and remote_host with your actual username and host.

Add Your Public Key

Append your public key to the authorized_keys file in the .ssh directory. The commands below create the directory and the file if they do not exist yet:

mkdir -p ~/.ssh
echo "your_public_key" >> ~/.ssh/authorized_keys

Note: Replace your_public_key with the actual content of your public key that you copied earlier (the output of the cat command).

Set Correct Permissions

Ensure the .ssh directory and authorized_keys file have the correct permissions:

chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

By following these steps, you can manually add your SSH public key to the remote server, ensuring secure authentication.
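
The manual steps above as one repeatable script, added here as an example (it is not part of the original tutorial): it rejects anything that is not a single public-key line, skips a key that is already installed, and verifies the 700/600 permissions. The function names add_pubkey and check_ssh_perms are assumptions made for this example.

```sh
#!/bin/sh
# Added example; add_pubkey and check_ssh_perms are hypothetical helper names.

# add_pubkey PUBKEY_FILE [SSH_DIR]
# Appends the key to SSH_DIR/authorized_keys unless that exact line is present.
add_pubkey() {
    pubfile=$1
    sshdir=${2:-"$HOME/.ssh"}
    auth="$sshdir/authorized_keys"

    [ -r "$pubfile" ] || { echo "cannot read $pubfile" >&2; return 1; }
    # Drop blank lines; a .pub file must then hold exactly one line.
    key=$(grep -v '^[[:space:]]*$' "$pubfile" || true)
    [ "$(printf '%s\n' "$key" | wc -l)" -eq 1 ] ||
        { echo "expected exactly one key line" >&2; return 1; }

    # A public key line starts with its type; this rejects a private key
    # (or any other text) pasted by mistake. Common types only.
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not a public key line" >&2; return 1 ;;
    esac

    # umask 077 keeps the directory and file private from creation onward.
    ( umask 077; mkdir -p "$sshdir" && touch "$auth" ) || return 1
    chmod 700 "$sshdir" && chmod 600 "$auth" || return 1

    # -x: whole line, -F: fixed string. Append only when missing.
    grep -qxF -- "$key" "$auth" && return 0
    printf '%s\n' "$key" >> "$auth"
}

# check_ssh_perms [SSH_DIR]
# Succeeds only if the directory is 700 and authorized_keys is 600.
check_ssh_perms() {
    sshdir=${1:-"$HOME/.ssh"}
    [ "$(ls -ld "$sshdir" | cut -c1-10)" = "drwx------" ] &&
        [ "$(ls -ld "$sshdir/authorized_keys" | cut -c1-10)" = "-rw-------" ]
}
```

On the remote server, source the script and run add_pubkey with the path of the uploaded .pub file, then check_ssh_perms to confirm the result.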

Additional Notes:

  • Ensure the SSH service is running on both your local and remote machines.
  • The default directory for SSH keys is ~/.ssh/.
  • If you encounter permission issues, check that the .ssh directory and its contents have the correct permissions (700 for the directory and 600 for the files).

By following these steps, you can securely generate and use SSH keys for authentication on Linux.

