How To Set Up SSH Keys

How To Set Up SSH Keys

In this tutorial, we will show you how to login to your Linux VPS using SSH keys. We will generate a key pair (private and public key), place the private key on your server and then use your locally stored private key to gain access to your server. This method provides a more secure way of connecting to your server, instead of just using a password. To set up SSH keys, carefully follow the steps below carefully.

We will split this guide into two sections and explain how to generate an SSH key pair on both Linux and Windows operating system.

1. Generating SSH keys on Linux

In this section, we will go through how to generate an SSH key pair on a Linux or any other Unix-like operating system.

To generate the SSH keys, simply run the following command from your local computer:

ssh-keygen

You can just press Enter to leave the default values of all the questions. Optionally, you can also set a passphrase for your key, or just press Enter again if you don’t want to.

Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:BKK3yDVgXXIs3mdeb/XjJtVtLlbdM8AFnaMPdvqcTNg root@localhost
The key's randomart image is:
+---[RSA 2048]----+
| o.oo+       .o .|
| . oo+..       = |
|  ..+o .    . o .|
| . +.o..o .  *.. |
|  o .  +S. ...O.=|
|        .   oo EO|
|           .  B+=|
|             .oB.|
|             .o. |
+----[SHA256]-----+

This will create a 2048 bit private and public key (id_rsa and id_rsa.pub) in the /root/.ssh/ directory on your local system.

Next, you will need to upload the generated public key to your remote server.

First,  create a new .ssh directory on the remote server with the following command:

ssh root@remote_server mkdir -p .ssh

Next, you need to copy the public key into the authorized_keys file on the remote server, with the following command:

cat /root/.ssh/id_rsa.pub | ssh root@remote_server 'cat >> /root/.ssh/authorized_keys'

Change the permissions of both the .ssh directory and the public key.

ssh root@remote_server chmod 700 .ssh
ssh root@remote_server chmod 600 .ssh/authorized_keys

Now, login to your server and open the SSH configuration file:

nano /etc/ssh/sshd_config

Make sure the following lines exist and are not commented:

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys

Save the changes and restart the SSH service:

service sshd restart

That’s it. From now on, you will be using the SSH keys every time you try to connect to your remote server.

2. Generating SSH keys on Windows

If you are using the Windows operating system on your local machine, then you will need PuTTY for connecting to your server via SSH and PuTTYgen to generate your SSH keys. You can download the latest versions over here.

To generate the SSH keys, go ahead and start PuTTYgen on your computer.

At the bottom, you can choose the number of bits for your generated key. Type in 4096 and then click on “Generate”. Start moving your mouse around over the blank area in the PuTTYgen screen in order to generate a unique key based on your mouse movement input.

When the green progress bar fills in, the public key will be generated. You can copy they key and save it inside a .txt file on your computer.

To save the private key, you will need to click on the “Save private key” button. Additionally you can also set a “Key Passphrase” for your private key that you will need to use everytime you log in to your server using your key.

Now you can open PuTTY and assign the location of your private key. Click on “SSH” under the “Connection” menu and then click on “Auth”. Click on the “Browse” button and enter the location of your saved private key file.

Next, you will need to upload the public key to your server. To do this, click on “Session”, enter your IP address and the SSH port number of your server, select SSH for Connection type and click on “Open”.

You will be asked for your username and password. You can log in as user root, using your root password.

Once logged in to your server as user root, you will first need to create the .ssh directory:

mkdir /root/.ssh

Then create the “authorized_keys” file inside the .ssh directory and add the contents of your public key inside this file:

nano /root/.ssh/authorized_keys

Make sure you save the file. Additionally, run the following commands to update the permissions:

chmod 700 /root/.ssh
chmod 600 /root/.ssh/authorized_keys

You can also open the SSH configuration file on your server with:

nano /etc/ssh/sshd_config

and make sure that the following lines exist and are not commented:

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys

If any changes have been made, you will need to restart the SSH service with:

service sshd restart

With this, the SSH keys have been successfully configured. You can now disconnect from your server and exit PuTTY. The next time you try to connect to your server, PuTTY will use the public key that you have set up in order to establish the connection.

 

Of course, you don’t have to set up ssh key by yourself  if you use one of our outsourced server support services, in which case you can simply ask our expert Linux admins to help you set up the SSH keys for your server. They are available 24×7 and will take care of your request immediately.

PS. If you liked this post on how to set up SSH keys, please share it with your friends on the social networks using the buttons on the left or simply leave a reply below. Thanks.

Leave a Reply

Your email address will not be published. Required fields are marked *