SSH stands for “Secure Shell” and is an encrypted protocol used to log in and manage a remote server. SSH also supports various authentication mechanisms. SSH uses password-based authentication and public key-based authentication for a secure connection between a client and a server. SSH key-based authentication is more secure than password-based authentication because keys are very hard to guess or crack using currently available computing power.
In this tutorial, we will show you how to set up SSH key-based authentication on an Ubuntu 18.04 server.
Prerequisites
Step 1 – Create an Atlantic.Net Cloud Server
First, log in to your Atlantic.Net Cloud Server. Create a new server, choosing Ubuntu 18.04 as the operating system with at least 2GB RAM. Connect to your Cloud Server via SSH and log in using the credentials highlighted at the top of the page.
Jul 30, 2015 In fact, if you don't mind leaving a private key unprotected on your hard disk, you can even use keys to do secure automatic log-ins - as part of a network backup, for example. Different SSH programs generate public keys in different ways, but they all generate public keys in a similar format. Dec 18, 2019 In this tutorial, we will walk through how to generate SSH keys on Ubuntu 18.04 machines. We will also show you how to set up an SSH key-based authentication and connect to your remote Linux servers without entering a password.
Once you are logged into your Ubuntu 18.04 server, run the following command to update your base system with the latest available packages.
Step 2 – Generate the SSH Key on the Client Machine
https://maxxclever658.weebly.com/blog/256-bit-encryption-key-generator-java. First, log in to your client machine and generate a new SSH key pair by running the following command:
You will need to press Enter to accept the default file location and provide a passphrase to add an extra layer of security, as shown below:
The above command will generate a 2048-bit RSA key pair with a secure passphrase to prevent unauthorized users from logging in.
You can see the generated public and private keys with the following command:
You should see the following output:
At this point, you have public and private keys that you can use to authenticate with your Ubuntu server.
Step 3 – Copy the Public Key to the Ubuntu Server
Next, you will need to copy the public key from the client machine to your Ubuntu 18.04 server. You can copy the public key with ssh-copy-id utility as shown below:
You should see the following output:
Type “yes” and press ENTER to continue. You should see the following output:
Next, you will be prompted to enter the remote username and password. After the successful authentication, the content of the public key ~/.ssh/id_rsa.pub will be appended to the remote user ~/.ssh/authorized_keys file as shown below:
Step 4 – Disable SSH Password Authentication
Next, log in to your Ubuntu 18.04 server machine and disable SSH password-based authentication to add an extra layer of security to your server.
You can disable password-based authentication by editing the file /etc/ssh/sshd_config:
Find the following lines and change the value to “no”:
Save and close the file, then restart SSH service to apply the configuration:
Step 5 – Log in to the Server using SSH Keys
At this point, SSH key-based authentication is configured. Now it’s time to log in to the Ubuntu 18.04 server machine with the public key.
You can login to your Ubuntu 18.04 server by simply running the following command:
If you are logging in for the first time, you will be prompted as shown below:
Type Yes and hit Enter key to continue. Next, you will be prompted to enter the passphrase for your private key as shown below:
Provide your private key passphrase and hit Enter to log in to your server.
Conclusion
In the above tutorial, we learned how to set up an SSH key-based authentication with a passphrase on Ubuntu 18.04. The connection between your client machine and Ubuntu 18.04 server machine is now highly secure. You can also use the same key for another remote server. If you’re ready to get started with SSH key-based authentication, try VPS hosting with Atlantic.Net today.
SSH allows for both password based authentication, as well as public key authentication. Public key authentication is generally regarded as being more secure, as it isn’t as prone to brute force login attempts (if you disable password based authentication). The private key can also have a passphrase associated with it, which makes public key authentication even more secure if needed.
Sometimes cloud servers will let you put a public key in as a authorized authentication key when the cloud server is created, preventing the need for password based authentication to be enabled by default. Generate a new SSH public and private key pair:
“Identifying comment” can be any string that will assist in determining which key this is. “username@hostname” of the machine where you are connecting from would be a good example.
eg:
This will generate two files, “keypair” and “keypair.pub”. “keypair” being the private key that you need to keep secure, and “keypair.pub” being the public key, that can be put on servers that you want to be able to log into with the private key.
Change the filename to suit your needs. This example uses “keypair” for the examples. The contents of the public key file “keypair.pub” can be inserted into the ~/.ssh/authorized_keys file on the machine that you want to be able to connect into remotely. This must be done for the specific user. Insert public key into authorized keys View the contents of the public key file:
eg:
Take note of the output, and copy it into the clipboard if possible, or use some other method to get this file/data onto the remote machine, as it will be used in the next step.
On the remote server you want to be able to log into:
If you have chosen to copy the public key file to the remote host instead, you can issue the following command instead:
Logging into remote ssh server using the private key file
To connect to the remote host using SSH you can use the following command:
This will use the private key called “keypair” created earlier, and assuming the remote server has the public key added to the “user” users authorized_keys file, you should be able to log into the remote system.
Generate Private And Public Keyadding persistent static routes on ubuntuFebruary 1, 2015Extract the public certificate and private key from a pfx file using OpenSSLFebruary 1, 2015Ubuntu Create Public Private Key PairHow To Change The SSH Server Port NumberMarch 8, 2012Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |