SSH key-based authentication is a more secure way to log in to a remote server than using a password. It uses a pair of private and public keys to authenticate the user, rather than a password. In this way, only the user who has the private key can log in to the server.
Here are the steps to configure SSH key-based authentication on Ubuntu:
- On your local machine, generate a new SSH key pair by running the following command:
ssh-keygen -t rsa
This will generate a new private key and a public key. The private key should be kept secure and should not be shared with anyone.
- Copy the public key to the remote server. You can use the
ssh-copy-idcommand to do this. For example, to copy the key to a remote server with IP address 192.168.0.100, you would run the following command:
ssh-copy-id user@192.168.0.100
This will copy your public key to the remote server and append it to the ~/.ssh/authorized_keys file.
- On the server, edit the
/etc/ssh/sshd_configfile and setPasswordAuthenticationtonoandPubkeyAuthenticationtoyes.
sudo nano /etc/ssh/sshd_config
Then
PasswordAuthentication no
PubkeyAuthentication yes
- Restart the SSH daemon on the server to apply the changes.
sudo systemctl restart ssh
- Test the connection by running the following command on your local machine
ssh user@192.168.0.100
You should be logged in to the remote server without being prompted for a password.
It’s important to note that you can also use SSH-keys on other Linux distributions like Centos, OpenSUSE and Debian. You will have to check the specific steps for each distribution on their official documentation.