SSH and keys

This article shows how to setup ssh key and login to your server with it.

Reason

It is safer than passwords.

Generate keys

ssh-keygen

It generates two files in ~/.ssh/ if you don’t change the default value in prompt.

Private key is id_rsa .This is the “key”, which you should keep secret and save. Public key is id_rsa.pub. This is the one you send everybody.

Copy keys to remote server

Before copying, check the permission of your private key. It needs to be 700. If not, run

chmod 700 ~/.ssh/id_rsa

To copy keys, run

ssh-copy-id user@host

Turn of password login on remote server

Before you turn it off, check if you can actually login without a password first.

Then, edit /etc/ssh/sshd_config on remote server.

Set as follows:

ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no

Then you need to restart ssh service, this worked for me:

sudo systemctl reload ssh