## Table of Contents
– [How to Setup SSH Keys](#how-to-set-up-ssh-keys
– [Generate RSA Key Pair](#generate-rsa-key-pair
– [Copy the Public Key](#copy-the-public-key
– [Use SSH Keys to Authenticate to Test User](#use-ssh-keys-to-authenticate-to-test-user
– [Deactivate the Password for Root Login](#deactivate-the-password-for-root-login
In this guide, I will explain to you how to set up SSH keys on Ubuntu 18.04.
SSH is an acronym for Secure Shell. Secure Shell (SSH is a cryptographic network protocol, and it is responsible for encrypting the information between a user and the remote machine. It allows users to perform secure network services.
It uses SSH keys to log into a server so that you can get a more secure way of logging in. Generally, hackers use brute force attack to crack passwords. But, it is almost impossible to decipher the SSH keys by using the brute force attack. So, you can connect to your server without entering your password. Moreover, it is even more secure.
Secure Shell (SSH is completely based on public key cryptography. For your easy understanding, let’s just say SSH keys come in a pair. One is a private key and the other one is a public key. The private key is stored securely to the home machine of a user. The public key is stored securely to any remote machine that user wishes to connect. You can use the public key on any server, but it can be unlocked by connecting to a user who already has the private key. The machine will be unlocked only when the two keys matched. You can also increase the security much more by protecting the private key with a passphrase.
## How to Setup SSH Keys
## Generate RSA Key Pair
The first step in the process is to generate an RSA key pair on the user machine (Chances are that it is your machine using the following command.
After entering the Gen Key command, you will probably get a few questions like the following.
Now, press ENTER to save the file to the user home. (Here, systemongrid is our example user, replace it with your user.
Then, you will be asked to enter a passphrase.
It is entirely up to you whether to use a passphrase or not. But, using a passphrase increase your security much more. No unauthorized user can log into a passphrase-protected machine and its associated accounts unless they know the passphrase. But, you must type the passphrase every time you use the SSH key pair.
The complete output will look like the following.
It is very clear that the public key is now located in /home/systemongrid/.ssh/id_rsa.pub. The private key (identification is now located in /home/systemongrid/.ssh/id_rsa.
## Copy the Public Key
Now, you must place the public key on your server.
Then, copy the public key into the authorized_keys file in your new machine by using an ssh-copy-id command.
$ ssh-copy-id firstname.lastname@example.org
You can also do this by using the below command.
cat ~/.ssh/id_rsa.pub | ssh email@example.com/ “mkdir -p ~/.ssh && touch ~/.ssh/authorized_keys && chmod -R go= ~/.ssh && cat >> ~/.ssh/authorized_keys”
In both the ways, you will see the message something like the following.
This message helps you to make sure that you have not added any extra keys and this is the first time you are connecting to a new host. Type yes, press ENTER to continue.
Then, your local account will be scanned by the utility for id_rsa.pub key that we generated earlier. When the key is found, you will be asked to enter the password of the remote user (or test user’s account.
Enter the password, press ENTER to continue.
Then, the utility will connect to the account, copy the contents of your ~/.ssh/id_rsa.pub key into a file in the remote user (or test user’s home ~/.ssh directory called authorized_keys.
## Use SSH Keys to Authenticate to Test User
If you have done the above process, you must be able to log into the test user using the below command without the test user’s password.
$ ssh firstname.lastname@example.org
## Deactivate the Password for Root Login
Now, it’s time to deactivate the password for root login so that you can log in only by using SSH keys. To do so, open your SSH configuration file
$ sudo vi /etc/ssh/sshd_config
Within the file find the line, PasswordAuthentication to set its value to “no”. This can make you log in via SSH using account’s passwords.
Then, press CTRL + X to save and close the file, Y to confirm saving it and ENTER to exit nano.
Use the following command to implement these changes
$ sudo systemctl restart ssh
Before closing the session, open a new window and test if SSH service is functioning correctly using the command:
$ ssh email@example.com
After checking your SSH services, you can close all server sessions.
In this guide we have described that how to set up SSH keys on Ubuntu 18.04.