SSH Public/Private Keys

  • Enable secure ssh login using public/private keys.

First, create a public/private key pair on the client that you will use to connect to the server (you will need to do this from each client machine from which you connect):

$ ssh-keygen -t rsa -b 4096

This will create two files in your (hidden) ~/.ssh directory called id_rsa and id_rsa is your private key and is your public key.

Now set permissions on your private key:

$ chmod 700 ~/.ssh
$ chmod 600 ~/.ssh/id_rsa 

Copy the public key ( to the server and install it to the authorized_keys list:

$ cat >> ~/.ssh/authorized_keys

Note: once you've imported the public key, you can delete it from the server.

and finally set file permissions on the server:

$ chmod 700 ~/.ssh
$ chmod 600 ~/.ssh/authorized_keys

A good practice will also be to disable password authentication, forcing use of keys.

@ /etc/ssh/sshd_config
PasswordAuthentication no


- _

Add Comment

Sorry you must log in first to be able to add a comment. Click here to log in.
*/ ?>