Skip to main content

Connecting To SSH: Using Keys

To visually represent the relationship and flow of generating and using SSH keys between the local machine and the remote server, we can use a Mermaid markdown graph. Here's the representation:

Explanation of the Graph:

  • Local Machine: This is where you start by generating an SSH key pair using ssh-keygen. It results in two parts: a Private Key and a Public Key.
  • Private Key (~/.ssh/id_rsa): It stays securely on your local machine and is used whenever you initiate an SSH connection.
  • Public Key (~/.ssh/id_rsa.pub): This is copied to the remote server. It's what the server uses to verify that the incoming connection is authorized.
  • Copy to Server: The action of copying the public key to the remote server's ~/.ssh/authorized_keys file.
  • ~/.ssh/authorized_keys on Remote Server: The file on the remote server where the public key is stored. It's used to authenticate the user attempting to establish an SSH connection.
  • SSH into Server: The action of initiating an SSH connection to the server using the private key for authentication.
  • Successful SSH Connection: The result of a successful authentication, where the private key matches the public key on the server, allowing access.

Generating an SSH key pair and adding it to a remote Ubuntu server for secure, password-less connections involves several steps, both on your local machine ( the client) and the remote server. Here are the complete instructions:

On Your Local Ubuntu Machine (Client)

  1. Open Terminal: Use your favorite terminal emulator.

  2. Generate SSH Key Pair:

    • Run the following command to generate a new SSH key pair:
      ssh-keygen -t rsa -b 4096
    • When prompted to "Enter a file in which to save the key," press Enter to save in the default location (~/.ssh/id_rsa).
    • At the prompt, enter a secure passphrase for the key or press Enter to continue without a passphrase (not recommended for high-security environments).

  3. Locate the Public Key:

    • Your public key is now saved in ~/.ssh/id_rsa.pub. You can view it with:
      cat ~/.ssh/id_rsa.pub

On the Remote Ubuntu Server

  1. Log In to Your Server: Use your regular method (usually with a password) to log into your remote server.

  2. Prepare the .ssh Directory:

    • Make sure your .ssh directory exists with the correct permissions:
      mkdir -p ~/.ssh
      chmod 700 ~/.ssh

  3. Add Public Key to authorized_keys:

    • Edit the authorized_keys file within the .ssh directory:
      nano ~/.ssh/authorized_keys
    • Now, paste the public key (which you obtained from your local machine) into this file on a new line.
    • Save and close the file (Ctrl + O, Enter, and then Ctrl + X in nano).
    • Set the correct permissions for the authorized_keys file:
      chmod 600 ~/.ssh/authorized_keys

Verifying SSH Key-Based Authentication

After adding the public key to the remote server, you can test the setup by SSH'ing into the server from your local machine:

  1. SSH into Your Server:

    • Use the following command to initiate an SSH connection:
      ssh username@remote_server_ip
    • Replace username with your actual username on the remote server and remote_server_ip with the server's IP address or hostname.

  2. Enter Passphrase (if set):

    • If you set a passphrase for your SSH key, you will be prompted to enter it now. After entering it, you should be logged into the server.

Additional Tips

  • ssh-copy-id: If you prefer a simpler method to copy the public key, consider using the ssh-copy-id command after generating your SSH keys:

    ssh-copy-id username@remote_server_ip

    This command will handle the copying and permissions of the public key for you.

  • Key Management: It's crucial to manage your SSH keys securely. Keep your private key safe (~/.ssh/id_rsa) and never share it. The public key (~/.ssh/id_rsa.pub) is what you add to remote servers.

  • Troubleshooting: If you cannot log in to the server using the SSH key, double-check the permissions of the .ssh directory and the authorized_keys file on the server, ensure that the public key is correctly pasted, and verify that the SSH server configuration permits key-based authentication.

By following these instructions, you should successfully generate an SSH key pair and set up key-based SSH access to a remote Ubuntu server, providing a more secure and convenient method of connecting.

What Can You Do Next 🙏😊

If you liked the article, consider subscribing to Cloudaffle, my YouTube Channel, where I keep posting in-depth tutorials and all edutainment stuff for software developers.

YouTube @cloudaffle