How to setup user SSH Keys on Ubuntu 18.04
Table of Contents
Overview
SSH [ Secure Shell ] is a famous encrypted protocol are widely becoming popular for communicate server access. For security purpose SSH provide lot of features and one of the famous is SSH Keys and for some its complicated and mostly biased to use SSH password method.
Cloud Service providers like AWS and GCP are default using ssh key method before creating any Instance. So they can generate SSH keys for you and you can download it for you to access it remotely. But other server provider mostly generate and provide you SSH password.
SSH Password method is secured but password can be bruteforce by millions of bots are out there for cracking passwords and who knows if someone has supercomputer who can break your password within minutes but fear not cause SSH key to the rescue.
In reality, SSH Keys gives an easy and perfectly secure way to connect your remote server and one SSH key can be use for multiple users.
In this tutorial, How we can setup user ssh keys for Ubuntu 18.04 but it also applicable to any linux OS.
For this example we will take a remote server which enabled with SSH password authentication and applying SSH Key based authentication.
Before communication with remote server we have to do following steps.
Step 1 : Generate a RSA Key Pair on your machine.
| $ | ssh-keygen |
Above command will generate 2048 bit RSA key pair consists of public and private keys. [ id_rsa and id_rsa.pub ] When you run ssh-keygen command it will ask for custom path to store your keys but for now default location is shown in below image.
Press enter to select default path for RSA keys.
Next, You should then see the following prompt:
Enter passphrase (empty for no passphrase):
Additional security if you want to protect your SSH key using passphrase and empty for no passphrase so when you establish remote connection it will not ask for password everytime but its highly recommended that you should use passphrase and it gives more security and that's what we need.
Here's the result after creation of the key
Your identification has been saved in /your_home/.ssh/id_rsa.
Your public key has been saved in /your_home/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:tQX64BUmMF2BY1wUSTdeJEYQQUjFIf9wrUAz0RJlaU4 user@remote-server
The key's randomart image is:
+---[RSA 2048]----+
| o=+@^#Ooo |
| .BB+XE= |
| .o.*=+ . |
| . = B.. |
| S o o |
| |
| |
| |
| |
+----[SHA256]-----+
And at this path you'll find ssh keys as follows,
That's it, Now you've generated public and private ssh key on your machine. Next step is very easy and we have to copy our public key to remote server so we can SSH Key based authentication for SSH.
Step 2 : Copy SSH Public Key to remote server.
Now we have SSH public key which can authenticate remote machine from our host machine. There is fastest method to copy public key ID to remote host is simple tool called "ssh-copy-id"
Simple yet very useful for copying public ssh key to remote host. Remote host must have enabled password authentication so once public key authentication is done. Later, We can disable password authentication so only gateway to access your server is SSH Key authentication.
ssh-copy-id user@remote_server
[OPTIONAL] - SSH Public Key for Custom Include Key Path
If you have SSH Key available on different path you can use add include path parameter like this
ssh-copy-id -i /ssh-key-folder/sshpub.key user@remote_server
[OPTIONAL] - SSH Public Key for Custom Port
ssh-copy-id -p 5500 user@remote_server
