SSH key-based authentication is a secure and recommended method for accessing a Linux server. Unlike passwords, SSH keys provide a higher level of security and are less prone to brute force attacks. In this article, we will explore how to enable authentication with only SSH keys on a Linux server.
If you don't already have an SSH key pair, the first step is to generate them. You can do this using the ssh-keygen command on your local computer. Be sure to follow the instructions and protect your private key with a password for an extra layer of security.
ssh-keygen -t rsa -b 2048
This command will generate a 2048-bit RSA key pair. The keys will be saved by default in the ~/.ssh/.
After generating the keys, you need to copy the public key to the server. You can do this manually or use the ssh-copy-id command to simplify the process. Make sure to replace username and hostname with your credentials.
ssh-copy-id username@hostname
This command will copy your public key to the ~/.ssh/authorized_keys file on the remote server. You will then be able to log in to the server using your private key.
Once you've verified that you can successfully authenticate with your SSH key, it's time to disable password-based authentication to improve the security of your server.
Log in to your server and open the SSH configuration file with a text editor, such as nano or vi.
sudo nano /etc/ssh/sshd_config
Inside the configuration file, look for the line PasswordAuthentication and change it to:
PasswordAuthentication no
Save your changes and close the editor. For the changes to take effect, you must restart the SSH service on your server. Use the following command to do this:
sudo systemctl restart sshd
Your server will now only accept SSH key-based authentication. Make sure you have kept your private key in a safe place on your local computer and that no unauthorized users have access to your keys.
Conclusions
With these steps, you have successfully configured your Linux server to only accept SSH key-based authentication, greatly improving the security of your environment.