Coffee without sugar

Posted on Feb 16

How to Set Up SSH Keys for Secure Server Access

Why SSH Keys are Better Than Passwords

1. Stronger Encryption

SSH keys use robust encryption algorithms like RSA or ECDSA, ensuring high protection against unauthorized access.

2. No Password Transmission

When using SSH keys, passwords are never transmitted over the network. This eliminates the risk of password interception during transmission over unsecured connections.

3. Key Storage Security

Your private key stays only on your device, significantly reducing the risk for attackers even if your public key is exposed.

4. Convenience and Automation

SSH keys allow for passwordless login, making them ideal for automated processes, such as scripts or backups.

5. Key Brute-Force Resistance

Common key lengths (like 2048 bits for RSA) make it practically impossible to crack SSH keys using brute-force attacks.

Overall, SSH keys are a vital component for securing your system, offering a high level of security and convenience during server access.

Setting Up SSH Keys

Step 1: Generate SSH Keys

To generate a new SSH key pair, run the following command:

ssh-keygen -t rsa

This will create a key pair without a passphrase, ensuring secure access to the server.

Step 2: Follow the Prompts During Key Generation

Once you run the command, you will see the following prompts:

Generating public/private rsa key pair.
Enter file in which to save the key (/home/username/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:7bFVOyHlwW6y4s3... username@hostname
The key's randomart image is:
+---[RSA 2048]----+
|     .o.         |
|   o..o=         |
|    =.=o+.       |
|   o = +E.       |
|  . + = S        |
| . o + .         |
|  . + .          |
|   o .           |
|                 |
+----[SHA256]-----+

Step 3: Add the Public Key to the Server

On Windows:

The public key is stored at:

C:\Users\username\.ssh\id_rsa.pub

On Linux:

The public key is stored at:

/home/username/.ssh/id_rsa.pub

On the Server:

To add your public key to the server, follow these steps:

For your user:

nano ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys

For the root user:

nano /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys

Step 4: Disable Password Authentication

To further enhance security, you can disable password authentication entirely.

Open the SSH configuration file on your server:
```
sudo nano /etc/ssh/sshd_config
```
Find the line that says PasswordAuthentication and change it to no:
```
PasswordAuthentication no
```
Restart the SSH service to apply the changes:
```
sudo systemctl restart sshd
```

This will ensure that only SSH keys can be used for login, improving security by eliminating the possibility of password-based access.

By following these steps, you'll significantly enhance the security of your server, ensuring only authorized users can access it using SSH keys.

Amplify your impact where it matters most — building exceptional apps.

Leave the infrastructure headaches to us, while you focus on pushing boundaries, realizing your vision, and making a lasting impression on your users.

Get Started

Top comments (0)

5 Playwright CLI Flags That Will Transform Your Testing Workflow

0:56 --last-failed
2:34 --only-changed
4:27 --repeat-each
5:15 --forbid-only
5:51 --ui --headed --workers 1

Learn how these powerful command-line options can save you time, strengthen your test suite, and streamline your Playwright testing experience. Click on any timestamp above to jump directly to that section in the tutorial!

DEV Community