SSH is known, as Secure Shell, is the most popular network protocol that helps establish a secure connection between a server and a client. With SSH, users can securely execute commands on remote servers, forward ports, create tunnels, and perform other actions. SSH supports different types of authentication techniques. One of the most common mechanisms is password authentication, and the other is public key-based authentication. In both, public key-based authentication is more secure and convenient than the password authentication method and relies on digital signatures.
This article will provide you with a step-by-step SSH key generation guide for Ubuntu system. We will discuss how to generate an SSH key and configure SSH key-based authentication on Ubuntu 20.04 system. Let’s dive into the details!
Prerequisites
Root user privileges are required to run the administrative command
on Ubuntu 20.04 system. Generate SSH Key on Ubuntu 20.04 System
By following the procedure mentioned below, you can easily generate SSH key on Ubuntu 20.04 system
:
Step 1: Create
SSH key pair First, generate the
SSH key on
the Ubuntu client machine. This machine connects to the server.
Check the SSH key
pair if it exists
Before you create the SSH key
, make sure that you do not already have the SSH key on the client system. Sometimes, you already have a pair of SSH keys on your Ubuntu system. Therefore, when you create a new key pair, it will be overwritten in the old one. To verify that the SSH key file exists on the client computer or not, type the following command:
Generate a new
SSH key pair
If you will receive an error that says “There is no such file or directory”, it means that you do not have an SSH key on your machine. So, move on to the next step. Generate the SSH key pair on the Ubuntu client machine. To generate a new 4096-bit key pair with a user email address as a comment, run the following command:
OR If
you run the above “ssh-keygen” command, it generates a default 3072-bit RSA key pair. To save the SSH key to the default location in the ‘.ssh/’ subdirectory, press ‘Enter’.
Now, you will be asked to enter the passphrase. The passphrase includes an additional layer of security. However, you need to log in every time you log in to a remote machine. So, leave it empty as default by pressing ‘Enter’. After
that, the following full output screen is displayed in the terminal:
Verify the generated SSH key pair To verify that the
ssh key pair was successfully generated on the client computer, use
the following command:
The following output is displayed in the terminal:
That means you have generated the SSH key pair successfully on the Ubuntu client system.
Step 2: Copy
the public key to the remote Ubuntu server
This step will copy the generated SSH public key to the remote Ubuntu server you want to manage. Use the “ssh-copy-id” tool which is the recommended way to copy the public identifier to the remote server. Run the command mentioned below on the client machine to easily copy the public key to your remote Ubuntu server
: Replace the
server_ipaddress with the system IP_address.
When you connect the system for the first time, the following message may appear in your terminal:
Type ‘yes’ and then press ‘Enter’ to proceed with the process. The server will check and verify the SSH key previously generated on the client computer. In the next step, you will be asked to enter the user password for the server account and then press the ‘Enter’ key on the keyboard. The following output receives in the terminal window:
Sometimes, you get an error using the ssh-copy-id method. In this case, an alternative method of manual ssh key copy is available. Use the command mentioned below to copy
the SSH public key to a server manually:
Replace user_name and server_ipaddress with details of your machine.
Step 3: Log in with the SSH key on a
remote server
In this step, you will log in via ssh on your remote server by running the following command:
If you have not used the strong password for the private key, you will immediately log on to a remote server. In another scenario, you will be asked to enter that strong passphrase that you set earlier.
Step 4: Disable
SSH password authentication
In this step, you will disable SSH password authentication to add an extra layer of security. Before disabling, make sure that the user, who is logging on, has sudo privileges or a root account on this server. First, log in to your remote server with a root account or sudo privileges. Now, open
the SSH configuration file ‘/etc/ssh/sshd_config’ by running the following command: Find the following configuration line and
set it with a ‘no’ argument
.
Save the previous settings and exit the file.
It’s time to restart
the SSH service on your server by running the command mentioned below:
It would be best to verify that SSH is still running on your server before closing the current session. If everything works normally, then SSH password authentication is disabled on your server.
Conclusion
By following the step-by-step guidelines in this article, you can generate Ubuntu 20.04 system SSH key easily. Also, we discuss how you can copy the SSH key to your remote server and disable password-based authentication. I hope this guide is simple and descriptive to solve your SSH key problem.