How to create and configure your machine to use an SSH key pair

SSH keys are used to secure your server against unwanted login attempts and even successful intrusions. An SSH key pair is like a currency note torn into two pieces, with one piece given to each of two parties who plan to communicate and deal securely in the future, as shown in movies.

In this simple tutorial I will show you how to create and use an SSH key pair to connect to a remote machine or server.

Create new ssh key pair

We can create an SSH key pair on our local machine using the OpenSSH client. The public key is placed on the remote machine/server you want to access, and the private key is kept on the local machine you are connecting from.

To create a key pair we will use the ssh-keygen tool. This tool is available by default on most Linux-based systems. If it is not, please install it.

In your terminal, enter the following command and follow the instructions.

ssh-keygen -t rsa -b 4096

Where:

  • -t stands for type. The above command generates an RSA key pair. RSA is the default type.
  • -b stands for bits. By default the key is 3072 bits long. We use a 4096-bit key for stronger security.

Give your key a name such as key_name if you want something other than the default id_rsa. Enter a password, which is asked for whenever the key is used. I usually keep it simple or with no password.

After following the above steps you should have two files in the current folder, or in the path you entered for your key pair. The file without an extension is your private key and the one with the .pub extension is your public key.

Set read-only permissions on your private key, otherwise your local machine throws an error when you try to use it.

$ chmod 400 key_name

The public key needs to be placed on the machine or server you want access to. Most Linux-based systems have ssh-copy-id available keys to

$ ssh-copy-id -i key_name.pub root@xxx.xxx.xxx.xxx

Enter the current root password and the key should be copied to your server’s ~/.ssh folder. Once you have uploaded your public key to your server, and after an SSH service restart (i.e. sudo systemctl restart ssh.service), it should be ready to use.

Using SSH key pair to connect
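
The checks from this section (private key permissions, password protection and key length) can be scripted. The following is an added example, not part of the original tutorial; key_name is the tutorial's placeholder name, the function names are made up for illustration, and the script assumes key_name.pub sits next to the private key.

```shell
#!/bin/sh
# Added example, not from the original tutorial: audit a private key file.
# Usage: sh audit_key.sh key_name   (expects key_name.pub beside it)

# Print the permission bits in octal (GNU stat first, then BSD/macOS stat).
key_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Succeed only if group and others have no access (for example 400 or 600);
# OpenSSH refuses to use a private key that is accessible by anyone else.
key_mode_ok() {
    mode=$(key_mode "$1") || return 2
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# Succeed if the key is encrypted: loading it with an empty passphrase must
# fail. Check key_mode_ok first, since ssh-keygen also rejects open modes.
key_has_passphrase() {
    ! ssh-keygen -y -P '' -f "$1" >/dev/null 2>&1
}

# Print the key length in bits (first field of `ssh-keygen -l` output).
key_bits() {
    ssh-keygen -l -f "$1.pub" | awk '{print $1}'
}

audit_key() {
    key=$1
    [ -f "$key" ] || { echo "no such key file: $key" >&2; return 2; }
    if ! key_mode_ok "$key"; then
        echo "FAIL  mode $(key_mode "$key") is too open: chmod 400 $key"
        return 1
    fi
    echo "OK    mode $(key_mode "$key")"
    echo "INFO  key length $(key_bits "$key") bits"
    if key_has_passphrase "$key"; then
        echo "OK    private key is passphrase-protected"
    else
        echo "WARN  no passphrase: anyone who can read the file can use the key"
        return 1
    fi
}

# Run the audit only when a key path is given on the command line.
[ "$#" -eq 0 ] || audit_key "$1"
```

The script exits non-zero when the permissions are too open or the key has no password, so it can be used as a check before copying a key to a new machine.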

There are two ways to use it.

  1. Point to the local private key on the command line
    ssh -l root -i /path/to/your/private/key/key_name xxx.xxx.xxx.xxx
  2. Point to it in the config file in the .ssh folder

    In the /Users/{username}/.ssh folder, create a new file named config if it is not there already. Add the following lines to it:
    Host xxx.xxx.xxx.xxx 
        IdentityFile /path/to/your/private/key/key_name

    After saving the file you can do:

    ssh root@xxx.xxx.xxx.xxx

    and it should work.

Conclusion

In this simple tutorial you learned in brief about SSH keys and the need to use them. You also learned to create an SSH key pair using the ssh-keygen tool and to use it to communicate with a remote machine or server.