Linux Cloud Servers | Create and Install SSH Key Pairs

SSH keys provide an easy, secure way of logging into your server and are recommended for all users.

Installation #

What’s up, Linux Community!!! In this video, we’ll focus on setting up SSH keys for Ubuntu 22.04 installation. SSH keys provide an easy, secure way of logging into your server and are recommended for all users.

Commands #

Verify you can Connect to the Server #

ssh server_ip

After verifing you can login, exit the server.

Creating the Key Pair #

Create Key Pair on the client machine:

ssh-keygen

Output Example:

Generating public/private rsa key pair.
Enter file in which to save the key (/home/josh/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/josh/.ssh/id_rsa
Your public key has been saved in /home/josh/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:g5Sr8w/hk7MJ5n5aiqdfTVUZr+2Qt+qCiS7BIm5Iv0dxrc3ks josh@ub22
The key's randomart image is:
+---[RSA 3072]----+
|                .|
|               + |
|              +  |
| .           o . |
|o       S   . o  |
| + o. .oo. ..  .o|
|o = oooooEo+ ...o|
|.. o *o+=.*+o....|
|    =+=ooB=o.... |
+----[SHA256]-----+

Copying the Public Key To Server #

Inport GPG Key:

ssh-copy-id username@server_ip

Output Example:

The authenticity of host '192.168.10.55 (192.168.10.55)' can't be established.
ECDSA key fingerprint is e1:55:fd:d4:f9:77:00:ad:d6:6d:22:fd:fe:73:84:fe.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
josh@192.168.10.55's password:
Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'josh@192.168.10.55'"
and check to make sure that only the key(s) you wanted were added.

Verify you can Connect to the Server #

ssh server_ip

Verifing you can login with key authentication. You should not be prompt for a password unless you create a passphase while creating the key pair.

Disabling Password Authentication #

Edit SSH Server config:

sudo nano /etc/ssh/sshd_config

Make changes to config to disable password authentication:

. . .
PasswordAuthentication no
. . .

Save & Exit config

Restart SSH Server #

sudo systemctl restart ssh