How To Setup SSH Public Key Authentication On Linux

How To Setup SSH Public Key Authentication On Linux

Why using SSH Public Key Authentication On Linux? Public Key Authentication is much more secure than SSH password authentication.
In case if your server allows password authentication, remote attackers will try guess your SSH password with brute-force attacks.

Login into remote server and create .ssh folder for keeping authorized_keys

$ cd
$ mkdir .ssh
$ chmod 0700 .ssh

Generate SSH key pair

On the client computer generate key pair with command:

$ ssh-keygen -t rsa -C "Comment"

You can type file name or just hit enter button. Also hit twice enter button for empty passphrase:

ssh-keygen

Now you have generated key pair in .ssh folder.

id_rsa          Private Key (DO NOT SHARE)
id_rsa.pub  Public Key

 

Install generated public key onto remote server

 

$ ssh-copy-id -i $HOME/.ssh/id_rsa.pub username@YourRemoteServer

 

Sample output:

Source of key(s) to be installed: "****/id_rsa.pub"
attempting to log in with the new key(s), to filter out any that are already installed
1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password:

Number of key(s) added: 1

Now try logging into the machine, with: "ssh 'username@YourRemoteServer'"
and check to make sure that only the key(s) you wanted were added.

Now try logging into the machine

ssh 'username@username@YourRemoteServer

 

Disable ssh password login on Linux

Edit SSH server configuration file sshd_config:

vi /etc/ssh/sshd_config

Find in config file and edit next parameters:

ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
PermitRootLogin no

Save and restart SSH server:

# /etc/init.d/ssh restart

OR

# systemctl restart ssh

Now test to to login with next command:

$ ssh [email protected] -o PubkeyAuthentication=no

Sample output:

Permission denied (publickey).

 

arstech

Leave a Reply