How to Generate and Use SSH Keys on Linux
Why Use SSH Keys?
- SSH keys provide a secure way to access remote servers without using passwords. They consist of a pair of cryptographic keys: a public key and a private key. The public key is placed on the server you want to connect to, while the private key remains on your local machine. When you attempt to connect to the server, the keys are used to authenticate your identity, ensuring secure and password-less login.
Generating SSH Key Pair
To generate an SSH key pair, use the following command:
ssh-keygen -t rsa
Explanation:
- ssh-keygen: Command to generate the SSH key.
- -t rsa: Specifies the type of key to create, in this case, RSA.
You will be prompted to enter a file in which to save the key. Press Enter to accept the default path (~/.ssh/id_rsa) or specify a different path if desired.
Enter file in which to save the key (/home/yourusername/.ssh/id_rsa): [Press enter]
Set a Passphrase (Optional):
You can add an extra layer of security by setting a passphrase. This is optional but recommended.
Enter passphrase (empty for no passphrase): [Type a passphrase]
Enter same passphrase again: [Repeat the passphrase]
How to Use SSH Keys
Copy the Public Key to the Remote Server:
To allow the remote server to recognize your public key, use the ssh-copy-id command. This will copy your public key to the remote server and add it to the ~/.ssh/authorized_keys file.
ssh-copy-id user@remote_host
Explanation:
- ssh-copy-id: Copies your public key to the remote server.
- user@remote_host: Replace user with your username and remote_host with the hostname or IP address of your remote server.
Test SSH Connection:
After copying the public key, you can test the connection to ensure everything is set up correctly. Use the ssh command to connect to the remote server.
ssh user@remote_host
Explanation:
- ssh: Command to connect to a remote server using SSH.
- user@remote_host: Replace user with your username and remote_host with the hostname or IP address of your remote server.
How to Add a Public Key Manually to the Remote Server
If you prefer, you can manually add your public key to the remote server.
Display Your Public Key:
On your local machine, display the contents of your public key file:
cat ~/.ssh/id_rsa.pub
Now copy the entire output of the above command.
Connect to the Remote Server:
Use the ssh command to connect to your remote server:
ssh user@remote_host
Note: Replace user and remote_host with the actual user and host.
Add Your Public Key
Open (or create) the authorized_keys file in the .ssh directory and paste your public key into this file:
echo "your_public_key" >> ~/.ssh/authorized_keys
Note: Replace your_public_key with the actual content of your public key that you copied in the Display Your Public Key step.
Set Correct Permissions
Ensure the .ssh directory and authorized_keys file have the correct permissions:
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
By following these steps, you can manually add your SSH public key to the remote server, ensuring secure authentication.
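The manual steps above (append the key, then set permissions) combined into one repeatable function, as an added example that is not part of the original page. The function name add_authorized_key and the key in the usage comment are assumptions made for illustration; it is meant to be run on the remote server.

```sh
# Added example: safer form of `echo "your_public_key" >> ~/.ssh/authorized_keys`.
# add_authorized_key is a hypothetical helper name, not an OpenSSH tool.
add_authorized_key() {
    key=$1
    ssh_dir=${2:-"$HOME/.ssh"}          # second argument is optional
    auth="$ssh_dir/authorized_keys"
    nl='
'
    # Accept only a single "type base64 [comment]" line. This also catches a
    # private key pasted by mistake, which must never leave the local machine.
    case $key in
        *"$nl"*) echo "refusing multi-line input" >&2; return 2 ;;
        ssh-rsa\ AAAA*|ssh-ed25519\ AAAA*|ecdsa-sha2-*\ AAAA*) ;;
        *) echo "not a public key line" >&2; return 2 ;;
    esac

    # Create the directory and file already restricted, then enforce the
    # modes from the tutorial (700 for .ssh, 600 for authorized_keys).
    (umask 077; mkdir -p "$ssh_dir" && touch "$auth") || return 1
    chmod 700 "$ssh_dir" && chmod 600 "$auth" || return 1

    # Match on "type base64" only, so the same key with a different comment
    # (or with options in front of it) is not appended a second time.
    id=$(printf '%s\n' "$key" | cut -d' ' -f1,2)
    if grep -qF -- "$id" "$auth"; then
        echo "key already present"
        return 0
    fi

    # If the file does not end in a newline, a plain >> would fuse the new
    # key onto the last existing entry and break both.
    if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then
        printf '\n' >> "$auth"
    fi
    printf '%s\n' "$key" >> "$auth"
    echo "key added"
}

# Usage on the remote server (constructed sample key, not a real one):
#   add_authorized_key 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTEDSAMPLE user@laptop'
```

Running it twice with the same key leaves a single entry in authorized_keys, which keeps the file easy to review when a key later has to be revoked.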
Additional Notes:
- Ensure the SSH service is running on both your local and remote machines.
- The default directory for SSH keys is ~/.ssh/.
- If you encounter permission issues, check that the .ssh directory and its contents have the correct permissions (700 for the directory and 600 for the files).
By following these steps, you can securely generate and use SSH keys for authentication on Linux.