Tutorial: Adding an SSH Key to a Server
In this tutorial, we will guide you through the process of adding an SSH key to a server, which enhances the security of your server by allowing secure, passwordless access. If you don't have an SSH key yet, we'll also show you how to create one.
- A terminal or command prompt to run commands.
- Access to the server you want to add your SSH key to.
- Basic knowledge of using the command line.
Part 1: Creating a SSH Key
- Open your terminal (or command prompt if you are using Windows).
- To generate an SSH key pair, simply run the following command: “ssh-keygen”
- You'll be prompted to choose a location to save the key pair. Press Enter to accept the default location, which is usually ~/.ssh/id_rsa for the private key and ~/.ssh/id_rsa.pub for the public key.
- Optionally, you can set a passphrase for extra security. This adds an extra layer of protection to your private key.
- Your SSH key pair has been generated. You can find your public key in the ~/.ssh/id_rsa.pub Open it with a text editor and copy the entire key.
Part 2: Adding Your SSH Key to the Server
- Log in to your server using your preferred method (e.g., username and password). Ensure you have the necessary permissions to add SSH keys to the server.
- First, make sure the .ssh directory exists in your home directory. You can create it if it doesn't already exist by running: “mkdir -p ~/.ssh “
- Next, open the authorized_keys file in the .ssh directory using a text editor like nano. If the file doesn't exist, it will be created: “nano ~/.ssh/authorized_keys”
- Inside the authorized_keys file, you should paste your public key. To make it easy to identify, add a comment at the beginning of the line. It typically looks like this:
<paste your public key here>
- Save the file and exit the text editor. In nano, you can do this by pressing Ctrl + X, then Y to confirm the changes, and Enter to save.
- To enhance security, disable password-based authentication and enforce key-based authentication. Open the SSH server configuration file in an editor:
“sudo nano /etc/ssh/sshd_config”
- Look for the line that says PasswordAuthentication. Uncomment the line (remove the # if present) and change its value to no like this:
- Save the file and exit the text editor (in nano, it's Ctrl + X, then Y, and Enter).
- Finally, restart the SSH service to apply the changes: “sudo systemctl restart ssh”
Congratulations! You've successfully added an SSH key to your server and disabled password-based authentication.
You can now log in to your server securely using your SSH key.
Remember to keep your private key secure and never share it.