SSH, an acronym for Secure Shell, serves as a robust mechanism to establish secure communication between your system and remote machines across the internet. Analogous to a discreet cryptographic protocol, SSH ensures a confidential and authenticated connection between devices. This comprehensive guide is designed to clarify the procedure for configuring SSH keys on Ubuntu 20.04, a prominent variant of the Linux operating system.
Step 1: Making the Secret Keys
First, you need to create your secret keys. This is like making a special pair of keys that only your computer and the other one can understand. Here’s how you do it:
- Open a special computer program called a terminal on your computer. You can find it by searching for “Terminal” in the start menu.
- In the terminal, type `ssh-keygen` and press the Enter key. This will make your secret keys.
- It might ask you where to save these keys. Just press Enter to save them in a specific place on your computer.
- If you already made these keys before, it might ask if you want to replace them. Be careful with this. If you say yes, the old keys will be gone forever.
- It might also ask if you want to set a password. This is a good idea because it adds an extra layer of security. You can type a password or just press Enter to skip it.
After all this, you’ll see some text on your screen. These are your secret keys, so keep them safe.
Step 2: Sharing the Public Key
Now, you need to provide your server with the key. This is the public key, which is safe to share. There are a few ways to do this:
Option A: Use a Tool
Your computer might already have a tool called `ssh-copy-id` installed. This tool can do the job easily. Just type this command in your terminal:
```bash ssh-copy-id username@remote_host ```
It will ask for the password of the remote computer. Type it in, and it will copy your public key there.
Option B: Copy and Paste
If the tool isn’t there, you can do it manually. Here’s how:
- Open the public key file on your computer. You can do this by typing:
```bash cat ~/.ssh/id_rsa.pub ```
It will show you your public key. It starts with `ssh-rsa` and has a long string of letters and numbers.
- Copy this whole string.
- Now, connect to the other device using SSH. Use this command:
```bash ssh username@remote_host ```
It will ask for a password. Enter it.
- Once you’re in, create a special folder for your keys (if it doesn’t exist) and open the file for editing:
```bash mkdir -p ~/.ssh && touch ~/.ssh/authorized_keys && chmod -R go= ~/.ssh && nano ~/.ssh/authorized_keys ```
If it asks you about the fingerprint, just say yes.
- Paste your public key into this file.
- Save the file and exit the editor (usually, you press Ctrl + X, then Y, then Enter).
Step 3: Logging In with Your Secret Handshake
Now that your secure connection is set up, you can log in without a password.
- To start, use this command:
```bash ssh username@remote_host ```
- If it’s your first time connecting to this computer, it will ask if you’re sure. Just type yes and press Enter.
- If you set a password for your secret key, it will ask for it. Type it in.
- You’re in! You’re logged in to the other device securely using your secret keys.
Step 4: Extra Security – Disable Passwords
For even more security, you can turn off password login. This means only your secret keys can get you in. Here’s how:
- Log in to the other device using SSH keys (as we did in Step 3).
- Now, open a file for editing:
```bash sudo nano /etc/ssh/sshd_config ```
- Look for a line that says `PasswordAuthentication`. It probably has a # in front of it. Remove the # and change `yes` to `no`, like this:
```plaintext PasswordAuthentication no ```
- Save the file (Ctrl + X, Y, Enter).
- Restart the SSH service:
```bash sudo systemctl restart ssh ```
- Test that you can still log in with your keys before closing your session:
```bash ssh username@remote_host ```
You’ve now set up SSH keys, allowing you to log in securely, and even disable password logins for extra safety.