frame
Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Sign In RegisterHowdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Quick Links
Categories
- 495 All Categories
- 312 General
- 144 General Discussions
- 67 Feature Request/Bug Report
- 56 Sales Questions and Answers
- 16 Time4VPS Life
- 13 Help requests
- 15 Server management
- 220 Tutorials
- 51 Various Tutorials
- 40 Web hosting control panels
- 40 Performance and Security
- 25 Web Applications
- 44 Linux Applications
- 20 Windows VPS
Howdy, Stranger!
It looks like you've been lurking for a while.
If you register, we also will remember what you have read and notify you about new comments. You will also be able to participate in discussions.
So if you'd like to get involved, register for an account, it'll only take you a minute!
How to set up and use SSH keys
Anastasija
Member
For security reasons, it is recommended to use SSH keys instead of a password for accessing the server. The biggest advantage SSH keys provide is that its nearly impossible to be deciphered, while a password could be cracked or intercepted by brute-force password attacks. Furthermore, authentication by SSH keys is more convenient than using a password, due to you will be able to connect a server or multiple servers without any need to remember and enter your password each time.
1. Generating SSH keys pairSSH keys are always generated in pairs with the private and public keys. The private key should be safely guarded and known only by you. The public key can be shared with any server, which you would like to access.
Generate SSH keys via command line in Linux OS
To generate SSH keys run the command:
ssh-keygen -t rsa -b 4096
Then you will be asked in which file key should be saved:
Enter file in which to save the key (/home/username/.ssh/id_rsa): Secondly, you will be asked for a passphrase:
Enter passphrase (empty for no passphrase): It is not required but highly recommended because passphrase provides more security. Without a passphrase, your private key would be stored on your computer in an unencrypted form. We recommend enter the passphrase and choose something that will be hard to guess in order to ensure the security of your private key.
Finally, you will see a message, where your private and public keys were saved:
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.
The key fingerprint is:
4d:23:69:6a:7a:39:12:a2:eb:bb:d6:78:66:2a:64:a9 root@server.hostnameGenerating SSH keys via PuTTY Key Generator (PuTTYgen) in Windows OS
PuTTYgen is a free utility, which we will use to generate SSH keys for use in PuTTY to connect the server. PuTTYgen and PuTTY client could be downloaded here. Run downloaded PuTTYgen and press button Generate:
After pressing Generate start moving the mouse within the window, because Putty uses mouse movements to collect randomness. When key would be generated enter passphrase to Key passphrase: and Confirm passphrase: fields. Note: it is not required, but highly recommended because passphrase provides more security. Without a passphrase, your private key would be stored on your computer in an unencrypted form. We recommend enter a passphrase and choose something that will be hard to guess in order to ensure the security of your private key.
Then press buttons Save public key and Save private key, enter names for files and choose the folder where files should be stored:
2. Set up SSH keys
To set up SSH keys to your server you could install / re-install OS. First of all open saved public key file and perform these changes:
For key generated via the command line (Linux OS)
You may see such key:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4H28lnMmxT6c+6KzlNGuUDH7C+bWwyaMpp4gV/iOyX0R/laSeliolW1fxJdVHkLKUL7uewMu+h6RDsjkprFZKP7XEdzxYFRzOKzB541QjIunl33qhd6XLgdc4o0ddJs6RGYaxJJgxYWmBNS+1HKEGWK9uCONRv9CJD/QY/BTaMXfHMMf2FLrYJcIebVPsciz0HngAJ04I/KptGf+ILQQ+kLEeKJJIFRC4Zu0+pbX1niF7oMXXHdvf7xypF8pleDLJzWD92KF7AFlQ+973v/sL2bM5yRPZlX7LcG6GsNdc34Ht2drbmfFEwsN12W7jCEomCIucoXieInxECOI9AUTj root@server.hostname
Change root@server.hostname to root@<server_ip_address>, where <server_ip_address> is your server IP address. After changes public key should look like:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4H28lnMmxT6c+6KzlNGuUDH7C+bWwyaMpp4gV/iOyX0R/laSeliolW1fxJdVHkLKUL7uewMu+h6RDsjkprFZKP7XEdzxYFRzOKzB541QjIunl33qhd6XLgdc4o0ddJs6RGYaxJJgxYWmBNS+1HKEGWK9uCONRv9CJD/QY/BTaMXfHMMf2FLrYJcIebVPsciz0HngAJ04I/KptGf+ILQQ+kLEeKJJIFRC4Zu0+pbX1niF7oMXXHdvf7xypF8pleDLJzWD92KF7AFlQ+973v/sL2bM5yRPZlX7LcG6GsNdc34Ht2drbmfFEwsN12W7jCEomCIucoXieInxECOI9AUTj root@127.0.0.1
Choose actual OS from the drop-down list, mark Use SSH key and paste the public key to the field below.
For key generated via PuTTYgen (Windows OS)
You may see such key:
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "rsa-key-20170914"
AAAAB3NzaC1yc2EAAAABJQAAAQEAhdTLlJz6DiY25lj1nmjULToCqbkVideWg3xM
JQa0TEpCxy/IYdmsg6T4thWD0Y42btuKT8x7gKwjlttuRoQPCQomlyCBoVsdM+ax
/U6PxvjWNpVVrk6qXORslLsRU/LvCn2NkfLZiYZGIE3SrcPvQIiYQJ/yZBCJg/7L
OnTkGbzJq9SR+iyAVmL3xduMKx8KOB8Ohk3o6N/1onFizBCnrUAXpN3vh2dCZCPF
nOb+lcjqn8LplFUv205kSJH8kHbRsc8N1QBl0U9UX+Ij72KKq0HyG21lZdF1UF4H
NTyuzaS1luknL6QuhQQ9IcYmedw7BxcIIBkDsorE4cFquU+gjQ==
---- END SSH2 PUBLIC KEY ----
Copy key between comment Comment: "rsa-key-20170914" and end of key ---- END SSH2 PUBLIC KEY ----. Also delete all new lines and spaces, which could be by opening a file via Notepad. Choose actual OS from the drop-down list and mark Use SSH key. To the field below enter "ssh-rsa ", then paste copied public key and enter " root@<server_ip_address>", where <server_ip_address> is your server's IP address. The pasted public key should look like:
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAlnlhLnzD3+8yEYQoO724H86b/zjHEJWNy/W8AEYsQTCnkhY2lC+O6lVjBI3Fssr4cTNTZ6H+Yh0nbqUdBoYJjkXjAMHVNDo0FYJH5Urgq6OeV3EaxZeuQxcSTzSU4zXBB2SlQ5ZYNGsEGW71nnXPWB4ji8dbJTyodiMlcR/1GuW2d8cPNXUj/gk381NypSvdLF9T4XNAOfQWtFR13wg/YtgnIM1m3jjbtoLo1GKgau68NEp5oQVOMHWQC7/cHqJaWWsbEt/lQjr9wUoMIjjwzThJlWwF86rNVRkz+ORBDyoDioFTXcOSe93hy2Hm4ow8F2kDqlS+05v/qShOTiKWWw== root@127.0.0.1
3. Connect server with SSH keys
Connection via PuTTY (for Windows OS)
Most convenient is to create and save a profile for connection in PuTTY. First of all open PuTTY and in the Host Name (or IP address) field enter your server hostname or IP address. Enter the port for SSH into field Port (default is 22) and mark SSH as Connection type:
On the left-hand side of the window select Data under Connection. To the field Auto-login username enter root:
Expand SSH under Connection and select Auth. Click button Browse on the right-hand side of the window and choose your private key.
Select the Session category and enter a profile name to the Saved Sessions field. Click button Save in the Load, Save or Delete a stored session area.
Now you are to log in with saved profile - just choose it in the list under Saved Sessions and click button Open. You will not be asked for a password, but, if you had set a passphrase, you would be asked for it at every time you log in.
Connection via the command line (for Linux OS)
Firstly you need to create a ~/.ssh/config file on your computer and add key and server details to it:
Host shortcut
HostName serverIPAddress
User root
IdentityFile /home/username/.ssh/id_rsa
Where:
* Host is the name of shortcut you will use for connecting your server
* HostName is IP address of the server you would connect
* User is root
* IdentityFile is the full route to your private key
After ~/.ssh/config file would be created, you will be able to connect the server by shortcut name via command:
ssh shortcutYou will not be asked for a password, but, if you had set a passphrase, you would be asked for it at every time you log in.
foot
Feel free to join our constantly expanding community, participate in discussions, strengthen your knowledge on Linux and Windows server management!
© 2013 - 2024 Time4VPS. All rights reserved.