The SSH
supports different kinds of authentication techniques. One of the most common mechanisms is password authentication, and the other one is public-key-based authentication. In both, the public key-based authentication is more secure and convenient than the password authentication method and based on digital signatures.
$ ls -l ~/.ssh/id_*.pub
If you will receive an error saying No such file or directory
then, it means you don’t have an SSH key on your machine.
$ ssh-keygen -t rsa -b 4096 -C "[email protected]"
then answer several questions. Notes: just leave passphrase empty
.
$ ls ~/.ssh/id_*
/home/sudiman/.ssh/id_rsa /home/sudiman/.ssh/id_rsa.pub
$ ssh-copy-id your_username@your_host
Replace your_username
and your_host
with yours.
$ cat ~/.ssh/id_rsa.pub | ssh your_username@your_host "mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"
Replace your_username
and your_host
with yours.
$ ssh your_username@your_host
In this step, you will disable the SSH password authentication to add an extra layer of security. Before disable, make sure that the user, which is login, has sudo privileges or a root account on this server. First, login into your remote server with a root account or sudo privileges. Now, open the ‘/etc/ssh/sshd_config’ SSH configuration file by executing the below-given command:
$ sudo vi /etc/ssh/sshd_config
Find the PasswordAuthentication
configuration line and set it with a ‘no’ argument.
PasswordAuthentication no
Exit and restart SSH Service
$ sudo systemctl restart ssh