Generate SSH key-pair
This is done on local machine by running
ssh-keygen -t rsa -b 4096 -C "[email protected]"
This command prompts for passphrase, create one if wanted or leave empty.
When done, a file is created with the name
id_rsa.pub
in the .ssh
folder in home directory/Users/USER/.ssh/id_rsa.pub
File contents can be viewed through Nano, Vim, or VSCode (if installed on local system and added to PATH)
code /Users/USER/.ssh/id_rsa.pub
# OR
vim /Users/USER/.ssh/id_rsa.pub
# OR
nano /Users/USER/.ssh/id_rsa.pub
The key can be viewed there and copied to the remote machine.
Copying the Public Key to Remote Machine
The easiest way of copying this key to a remote machine is by running
ssh-copy-id [email protected]
root
is the username on remote machine and 1.2.3.4
is its IP address.This should copy the key to the remote machine and set up password-less authentication and you’re ready to go.
Disabling SSH Password Authentication (Optional)
For an extra layer of security and to stop brute-force attacks on server. Password authentication can be disabled
The following file can be edited on the remote machine with any text editor
nano /etc/ssh/sshd_config
The following directives should be changed to these values
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM no
Then restart SSH service
sudo systemctl restart ssh
And we’re done!
Loading Comments...