Grid Guides

Explore How System On Grid Can Work For You

Grid GuideGrid Guide Topics


How to Setup SSH Keys on Ubuntu 18.04


Table of Contents

Introduction

In this guide, I will explain to you how to set up SSH keys on Ubuntu 18.04.

SSH is an acronym for Secure Shell. Secure Shell (SSH) is a cryptographic network protocol, and it is responsible for encrypting the information between a user and the remote machine. It allows users to perform secure network services.

It uses SSH keys to log into a server so that you can get a more secure way of logging in. Generally, hackers use brute force attack to crack passwords. But, it is almost impossible to decipher the SSH keys by using the brute force attack. So, you can connect to your server without entering your password. Moreover, it is even more secure.

Secure Shell (SSH) is completely based on public key cryptography. For your easy understanding, let’s just say SSH keys come in a pair. One is a private key and the other one is a public key. The private key is stored securely to the home machine of a user. The public key is stored securely to any remote machine that user wishes to connect. You can use the public key on any server, but it can be unlocked by connecting to a user who already has the private key. The machine will be unlocked only when the two keys matched. You can also increase the security much more by protecting the private key with a passphrase.

Prerequisites

Running Server

How to Setup SSH Keys

Generate RSA Key Pair

The first step in the process is to generate an RSA key pair on the user machine (Chances are that it is your machine) using the following command.

$ ssh-keygen

After entering the Gen Key command, you will probably get a few questions like the following.

generatingrsakeypair

Now, press ENTER to save the file to the user home. (Here, systemongrid is our example user, replace it with your user).

Then, you will be asked to enter a passphrase.

passphrase

It is entirely up to you whether to use a passphrase or not. But, using a passphrase increase your security much more. No unauthorized user can log into a passphrase-protected machine and its associated accounts unless they know the passphrase. But, you must type the passphrase every time you use the SSH key pair.

The complete output will look like the following.

setupsshkeys

It is very clear that the public key is now located in /home/systemongrid/.ssh/id_rsa.pub. The private key (identification) is now located in /home/systemongrid/.ssh/id_rsa.

Copy the Public Key

Now, you must place the public key on your server.

Then, copy the public key into the authorized_keys file in your new machine by using an ssh-copy-id command.

$ ssh-copy-id [email protected]

You can also do this by using the below command.

cat ~/.ssh/id_rsa.pub | ssh [email protected]/ "mkdir -p ~/.ssh && touch ~/.ssh/authorized_keys && chmod -R go= ~/.ssh && cat >> ~/.ssh/authorized_keys"

In both the ways, you will see the message something like the following.

hostauthenticity

This message helps you to make sure that you have not added any extra keys and this is the first time you are connecting to a new host. Type yes, press ENTER to continue.

Then, your local account will be scanned by the utility for id_rsa.pub key that we generated earlier. When the key is found, you will be asked to enter the password of the remote user (or) test user’s account.

Output

installthenewkeys

Enter the password, press ENTER to continue.

Then, the utility will connect to the account, copy the contents of your ~/.ssh/id_rsa.pub key into a file in the remote user (or) test user’s home ~/.ssh directory called authorized_keys.

Use SSH Keys to Authenticate to Test User

If you have done the above process, you must be able to log into the test user using the below command without the test user’s password.

$ ssh [email protected]

Deactivate the Password for Root Login

Now, it’s time to deactivate the password for root login so that you can log in only by using SSH keys. To do so, open your SSH configuration file

$ sudo vi /etc/ssh/sshd_config

Within the file find the line, PasswordAuthentication to set its value to “no”. This can make you log in via SSH using account’s passwords.

/etc/ssh/sshd_config
PasswordAuthentication no

Then, press CTRL + X to save and close the file, Y to confirm saving it and ENTER to exit nano.

Use the following command to implement these changes

$ sudo systemctl restart ssh

Before closing the session, open a new window and test if SSH service is functioning correctly using the command:

$ ssh [email protected]

After checking your SSH services, you can close all server sessions.

Conclusion

In this guide we have described that how to set up SSH keys on Ubuntu 18.04.