Use SSH Key to Connect to Your Remote Server Running Linux

You have a remote server somewhere and you wish to establish secure ssh connections with a private key file just like you connect to your Amazon instance. Here is one way to do it. I assume you are connecting to an Ubuntu Server (14.04) but you can make small alterations for other machines running Linux.

In a Linux machine you wish to connect to, working in your home directory, type in

ssh-keygen -t rsa

It asks for the file to save the key, and passphrase to secure the key. Type nothing and press enter multiple times to generate public and private keys in .ssh directory without any passphrase.

Change permissions of newly created .ssh directory;

chmod 700 .ssh

Change your working directory;

cd .ssh

id_rsa.pub is the public key which stays in this server. Type in:

cat id_rsa.pub >> authorized_keys
chmod 600 authorized_keys
rm id_rsa.pub

Now we need to download the private key (id_rsa) from the remote server. I use Filezilla to establish an sFTP connection, but other methods exist. Choose a convenient method to grab id_rsa to your local computer.

If your local computer is running Linux or Mac, fire up a terminal and test the remote connection;

ssh -i id_rsa [username]@[remote_host]

If your local computer is running Windows however, you may want to use Putty to establish a remote connection. You need Puttygen to import id_rsa and save the private key with .ppk extension which Putty can use.

If you can use the private key file to connect to your remote server, it is time to disable text password login;

sudo nano /etc/ssh/sshd_config

You have to change the following line

#PasswordAuthentication yes

to

PasswordAuthentication no

Then restart ssh service

sudo service ssh restart

You may wish to disable password prompt for users with sudo privileges. In order to do so (In an Ubuntu Server)

sudo visudo

At the end of the file, add the following line

[username] ALL=(ALL) NOPASSWD: ALL

Done! You can now connect and use your remote server without plain text password and sudo password prompts.

Kerem Kayabay

Read more posts by this author.

Ankara/Turkey

Subscribe to Pseudo Factory

Get the latest posts delivered right to your inbox.

or subscribe via RSS with Feedly!