back to top
HomeTutorialsUbuntuHow to Set Up SSH Keys on Ubuntu

How to Set Up SSH Keys on Ubuntu

How to install Wordops in Ubuntu 24.04 (Noble)

WordOps provide the ability to deploy a blazing fast and secured WordPress with Nginx by...

How to Set Up UFW Firewall on Ubuntu 24.04...

Ubuntu 24.04 LTS comes with UFW Firewall that protects the server against unauthorized access. This...

Linux Commands Cheat Sheet List

Linux commands may seem intimidating at first glance if you do not use the terminal...

Popular Nginx Commands (Systemctl & Nginx Commands)

Nginx is a powerful server application that routes network traffic. It's often used as a reverse proxy server but...

How To Change Timezone in Ubuntu 24.04 with Terminal

Using the correct date and time on your Ubuntu system is essential for tasks and...

SSH, or secure shell, is an encrypted protocol used to administer and communicate with servers. When working with a Linux server you may often spend much of your time in a terminal session connected to your server through SSH. You log in to VPS via username root and password automatically generated by the publisher. You can lose access to VPS if you reveal your password or have your password detected via Brute Force Attack. Therefore, using SSH Keys will be much more secure than the traditional password login method.

What is a public key authentication

OpenSSH server supports various authentication schema. The two most popular are as follows: Passwords based authentication. Public key based authentication. It is an alternative security method to using passwords. This method is recommended on a VPS, cloud, dedicated or even home based server.

Installing sshd server on Ubuntu Linux

sudo apt install openssh-server

Verify that ssh service running

sudo systemctl status ssh

How to creating SSH Keys

The first step to configure SSH key authentication to your server is to generate an SSH key pair on your local computer.

We can use a special utility called ssh-keygen, which is included with the standard OpenSSH suite of tools. By default, this will create a 3072 bit RSA key pair.

ssh-keygen

By default recent versions of ssh-keygen will create a 3072-bit RSA key pair, which is secure enough for most use cases (you may optionally pass in the -b 4096 flag to create a larger 4096-bit key).

Copying the Public Key

You need to save the Public Key information at ~/.ssh/authorized_keys to authenticate logins using SSH Keys.

cat ~/.ssh/id_rsa.pub

Once you have access to your account on the remote server, you should make sure the ~/.ssh directory exists.

mkdir -p ~/.ssh
nano ~/.ssh/authorized_keys

Copy the entire content of the Public key (in the form ssh-rsa AAAA…) and insert it at the end of the file. Press Ctrl+O to save the content and Ctrl+X to exit the editor.

Disabling Password Authentication

If you were able to log into your account using SSH without a password, you have successfully configured SSH-key-based authentication to your account. However, your password-based authentication mechanism is still active, meaning that your server is still exposed to brute-force attacks.

sudo nano /etc/ssh/sshd_config

Inside the file, search for a directive called PasswordAuthentication. This line may be commented out with a # at the beginning of the line. Uncomment the line by removing the #, and set the value to no. This will disable your ability to log in via SSH using account passwords:

PasswordAuthentication no

Save and close the file when you are finished by pressing CTRL+X, then Y to confirm saving the file, and finally ENTER to exit nano.

sudo systemctl restart ssh

The SSH daemon on your Ubuntu server now only responds to SSH-key-based authentication. Password-based logins have been disabled.

LEAVE A REPLY

Please enter your comment!
Please enter your name here