How to Use Public Key Authentication with SSH on Linux

How to Use Public Key Authentication with SSH on Linux

Using public key authentication with SSH is a more secure way of logging into a remote system than using a password, as it uses a cryptographic key pair for validation. Although making sure to use a strong password can help to prevent brute-force attacks, public key authentication provides cryptographic strength and automated passwordless logins.

Follow these steps to set up public key authentication with SSH:

1. Generate a key pair on your local machine:
   
   

   
   
   

   This command will create a pair of keys, one private and one public, in the ~/.ssh directory of your home directory.
   
   

2. Copy the public key to the remote server:

   
   
    

   This command will copy the public key to the remote server and add it to the authorised keys file. You will be prompted to enter the password for the remote user.

   If the ssh-copy-id command is not available on your system, you can copy the contents of the public key file manually and paste it into the .ssh/authorized_keys file on the remote server.
   
   

3. Test the connection:
   
   

   

   This command should log you into the remote server without prompting you for a password. 
   
   

4. f you need to disable the password authentication:
   
   

   

   Change the following line from:
   
   

   

   
   to:
   
   

   



   Save and close the file, then restart the SSH service:
   
   

   



   This will prevent users from logging in with a password and force them to use public key authentication.
   
   

   That's it! You have now set up public key authentication with SSH on Linux and can log in to the remote server without using a password.
   
   How to configure one or multiple SSH/SFTP Users for your key on Linux
   
   

   To configure one or multiple SSH/SFTP users for key authentication on Linux, you can follow these steps:
   
   

   1. Generate a key pair for each user:

      



      This command will create a pair of keys, one private and one public, in the ~/.ssh directory of each user's home directory.
      
      

   2. Copy the public key of each user to the remote server:
      
      

      



      This command will copy the public key of each user to the remote server and add it to the authorized keys file. You will be prompted to enter the password for each remote user.
      
      

      If the ssh-copy-id command is not available on your system, you can copy the contents of the public key file manually and paste it into the .ssh/authorized_keys file on the remote server.
      
      

   3. Configure SSH/SFTP access for each user:
      
      

      



      Add the following lines at the end of the file for each user:
      
      

      



      Replace username with the actual username of each user.
      
      

   4. Restart the SSH service:
      
      

      



      This will apply the changes to the SSH/SFTP configuration.
      
      

   That's it! You have now configured one or multiple SSH/SFTP users for key authentication on Linux. Each user can log in to the remote server with their key and access their home directory via SFTP.