SSH key-based authentication is a method to securely access remote servers without using a password. This technique enhances security by replacing traditional password-based logins with cryptographic keys. In this guide, we’ll show you how to configure SSH key-based authentication to set up remote SSH login without a password.
Related: How to Prevent SSH Session Timeout on macOS and Linux
Step 1: Generate SSH Key Pair
Open the Terminal on your local machine:
For macOS, Linux, or Windows, you’ll need a terminal that supports SSH, like Git Bash or the default terminal.
Generate the SSH key pair:
Run the following command in your terminal:
$ ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
This command generates a public-private key pair, a crucial step in setting up SSH key-based authentication.
Follow the prompts: Save the key in the default location or specify a different path if needed. Consider setting a passphrase for extra security.
Step 2: Copy the SSH Public Key to the Remote Server
Copy the public key to the remote server:
$ ssh-copy-id username@remote_host
This command copies the public key to the remote server, enabling SSH key-based authentication.
Enter your password:
After entering your password for the last time, the server will be configured to use your SSH key for future logins.
Step 3: Test the SSH Key Authentication
Connect to the remote server:
$ ssh username@remote_host
You should now be able to log in without entering a password, thanks to SSH key-based authentication.
Troubleshooting: If prompted for a password, ensure file permissions are set correctly. The ~/.ssh
directory should have permissions of 700
, and ~/.ssh/authorized_keys
should be 600
.
Step 4: (Optional) Disable Password Authentication on the Remote Server
To further enhance security, consider disabling password authentication entirely:
Edit the SSH configuration file:
$ nano /etc/ssh/sshd_config
Disable password authentication:
Find and modify the following line:
PasswordAuthentication no
Restart the SSH service:
$ sudo systemctl restart sshd
Conclusion
Implementing SSH key-based authentication provides a secure and convenient way to manage remote logins. By following this guide, you’ve not only improved your security posture but also streamlined your SSH login process.
For further reading on SSH security and best practices, you might find these resources useful: