#!/linuxSucks/SSH Keygen

Jun 21, 2020

Using a ssh-key to connect a remote server (in local network or out the local network).

Generate the keys, using the defaults. This steps is for a local network and passwordless.

SSH Keygen in local machine

First generate the ssh key in your local machine then we are going to copy out public key to the server:

ssh-keygen

Follow the instructions, in this case just hit enter and enter, until the process ends. We want passwordless to connect to our server.

Now we have to new files in ~/.ssh folder, this files are:

id_rsa --> Private Key (goes in your local machine)
id_rsa.pub --> Public key (goes in the server)

Enable the ssh agent:

eval "$(ssh-agent -s)"

Set the ssh agent to use the key:

ssh-add ~/.ssh/id_rsa

We need to copy the public key to our server, the key is storage in authorized_keys file. There are two options to copy our public key to the server but we are lazies here so we use the easy way

ssh-copy-id -i ~/.ssh/id_rsa.pub username@ip.address.to.server

Follow the instructions then the server will ask for the server password. When everything is done try to login in your server

ssh username@ip.address.to.server

If everything went well you will logged in your server without password.

SSH Remote Server

If you want to connect to a remote server (VPS, Web Hosting, Local Server with public IP address)

ssh-keygen -t rsa -b 4096 -C "your@email.com"

For this use a strong password for extra security. The process is the same you need to copy the public key to the server, in some cases (servers) you need to copy the public key manually (copy and past)

If you want to use your public key without password is OK but we recommend to disable the access to your server via ssh with password and the only way to login in the server is with the private key.

Before disable the ssh login you need to do the above process and make sure is working fine, then edit the ssh_config:

sudo vim /etc/ssh/ssh_config

Under # Host *, change or add this lines:

PasswordAuthentication no
UsePAM no
ChallengeResponseAuthentication no

Restart ssh according to your server Linux distro. If the server use systemctl:

systemctl restart sshd

If you like to learn more about ssh, visit the official web site here.

Home  Linux  Notes  Blog Spot