Simple SSH authentication with keys

This is for anyone who uses passwords (exclusively) to login to remote machines.

With ever-increasing computing power available to those that want to access your accounts, chances are that your passwords aren’t strong (ie. long and random) enough to represent decent security. You should be using SSH authentication keys. Thankfully, it’s quick and easy to do so!

In a terminal on your (client) machine, generate an private/public key file pair.

If you don’t yet have a key file (usually because you haven’t run ssh-keygen before), run:

ssh-keygen

Otherwise, run:

ssh-keygen -p

Now install your public key on remote servers:

ssh-copy-id -i ~/.ssh/id_rsa.pub user@server

Congratulations! You can now login to remote servers more securely, and without the need for a password! (Although you can choose to encrypt the key using a password – for that extra little bit of security.)

Thanks (and keep being awesome) debian administrator website.

Update: As Jack points out, there isn’t any security benefit if the server still allows password authentication. So either disable it, or set the password to something very long and very random.

Update: Added a note about what to do if you don’t already have a key file.

2 thoughts on “Simple SSH authentication with keys”

  1. Should add that you probably also want to disable username/password authentication on the server after doing this.

    It’s not a lot of use to add the automatic logon via key pair if you leave the ability to log on with your weak password intact.

    Alternatively use a really long ugly and incomprehensible password and use key pair authentication as a more convenient login procedure.

Comments are closed.