Post

SSH Key Authentication

Posted
By x3ric
1 min read

enhances security using cryptographic keys instead of passwords for accessing remote systems, ensuring a more secure and efficient login process.

Client

Key Generation

generate a key pair with ssh-keygen.

and chose if you want a passphrase

after import the public key to the server with ssh-copy-id <username>@<host>

and put the password for the last time

Configuration

Here is the $HOME/.ssh/config.

1
2
3
4
5

Host <name>
    HostName <host>
    HostKeyAlgorithms +ssh-rsa
    Port <port> # neded only if port != 22
    User <username>

after you can simply ssh <name>

Server

Keypair Only Authentication

change in /etc/ssh/sshd_config.

And Use Keypair Authentication

1

PasswordAuthentication no

Or Force Only Root

1

PermitRootLogin prohibit-password

Additionaly Disale Password Authentication Module

1

UsePAM no

and after restart it with sudo systemctl restart ssh

ssh
ssh
This post is licensed under CC BY 4.0 by the author.