SSH keys provide an easy and secure way of logging into your server and we recommend it for all installations.
Ok let's start, first step is to create a key pair on the client machine
ssh-keygenYou may optionally pass in the -b 4096 flag to create a larger 4096-bit key. By default a 2048-bit RSA key pair will be created.
Output of ssh-keygen:
Generating public/private rsa key pair.
Enter file in which to save the key (/your_home/.ssh/id_rsa):Press enter to save the key pair into the .ssh/ subdirectory in your home directory.
Output is:
Enter passphrase (empty for no passphrase):Optionally you may enter a secure passphrase. In this case we just hit ENTER for no pass.
Output is:
Your identification has been saved in /your_home/.ssh/id_rsa.
Your public key has been saved in /your_home/.ssh/id_rsa.pub.
The key fingerprint is:
a9:49:2e:2a:5e:33:3e:a9:de:4e:77:11:58:b6:90:26 username@remote_host
The key's randomart image is:
+--[ RSA 2048]----+
| ..o |
| E o= . |
| o. o |
| .. |
| ..S |
| o o. |
| =o.+. |
|. =++.. |
|o=++. |
+-----------------+Your keys are now ready to use. Next step is to place the public key on your server so that you can use SSH-key-based authentication .
Quickest way to copy your public key to the remote host is to use a utility called ssh-copy-id
ssh-copy-id username@remote_host
Now you should be able to log into the remote host without the remote account’s password :
ssh username@remote_hostKey-based authentication works, now secure your server by disabling password authentication.
