Development

How to set up SSH authentication on a Linux Server

Gabriele Romanato
By Gabriele Romanato Published: January 14, 2024
How to set up SSH authentication on a Linux Server

SSH key-based authentication is a secure and recommended method for accessing a Linux server.

SSH key-based authentication is a secure and recommended method for accessing a Linux server. Unlike passwords, SSH keys provide a higher level of security and are less prone to brute force attacks. In this article, we will explore how to enable authentication with only SSH keys on a Linux server.

If you don't already have an SSH key pair, the first step is to generate them. You can do this using the ssh-keygen command on your local computer. Be sure to follow the instructions and protect your private key with a password for an extra layer of security.


ssh-keygen -t rsa -b 2048

This command will generate a 2048-bit RSA key pair. The keys will be saved by default in the ~/.ssh/.

directory

After generating the keys, you need to copy the public key to the server. You can do this manually or use the ssh-copy-id command to simplify the process. Make sure to replace username and hostname with your credentials.


ssh-copy-id username@hostname

This command will copy your public key to the ~/.ssh/authorized_keys file on the remote server. You will then be able to log in to the server using your private key.

Once you've verified that you can successfully authenticate with your SSH key, it's time to disable password-based authentication to improve the security of your server.

Log in to your server and open the SSH configuration file with a text editor, such as nano or vi.


sudo nano /etc/ssh/sshd_config

Inside the configuration file, look for the line PasswordAuthentication and change it to:


PasswordAuthentication no

Save your changes and close the editor. For the changes to take effect, you must restart the SSH service on your server. Use the following command to do this:


sudo systemctl restart sshd

Your server will now only accept SSH key-based authentication. Make sure you have kept your private key in a safe place on your local computer and that no unauthorized users have access to your keys.

Conclusions

With these steps, you have successfully configured your Linux server to only accept SSH key-based authentication, greatly improving the security of your environment.

Gabriele Romanato
Gabriele Romanato

Full Stack web developer with JavaScript, PHP, Python and Java. Creating apps and websites with Node.js, Laravel, Flask, Django, Spring Boot and React. Working online since 2008.