💾 Archived View for darknesscode.xyz › notes › ssh-keygen.gmi captured on 2024-02-05 at 09:44:51. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2021-12-05)
-=-=-=-=-=-=-
Using a ssh-key to connect a remote server (in local network or out the local network).
Generate the keys, using the defaults. This steps is for a local network and passwordless.
First generate the ssh key in your local machine then we are going to copy out public key to the server:
ssh-keygen
Follow the instructions, in this case just hit enter and enter, until the process ends. We want passwordless to connect to our server.
Now we have to new files in ~/.ssh folder, this files are:
id_rsa --> Private Key (goes in your local machine) id_rsa.pub --> Public key (goes in the server)
Enable the ssh agent:
eval "$(ssh-agent -s)"
Set the ssh agent to use the key:
ssh-add ~/.ssh/id_rsa
We need to copy the public key to our server, the key is storage in authorized_keys file. There are two options to copy our public key to the server but we are lazies here so we use the easy way
ssh-copy-id -i ~/.ssh/id_rsa.pub username@ip.address.to.server
Follow the instructions then the server will ask for the server password. When everything is done try to login in your server
ssh username@ip.address.to.server
If everything went well you will logged in your server without password.
If you want to connect to a remote server (VPS, Web Hosting, Local Server with public IP address)
ssh-keygen -t rsa -b 4096 -C "your@email.com"
For this use a strong password for extra security. The process is the same you need to copy the public key to the server, in some cases (servers) you need to copy the public key manually (copy and past)
If you want to use your public key without password is OK but we recommend to disable the access to your server via ssh with password and the only way to login in the server is with the private key.
Before disable the ssh login you need to do the above process and make sure is working fine, then edit the ssh_config:
sudo vim /etc/ssh/ssh_config
Under # Host *, change or add this lines:
PasswordAuthentication no UsePAM no ChallengeResponseAuthentication no
Restart ssh according to your server Linux distro. If the server use systemctl:
systemctl restart sshd
If you like to learn more about ssh, visit the official web site [here](https://www.ssh.com/ssh/).
----------
----------
© DarknessCode