How to create and use SSH Key?

Sean101

Member
Registered
Joined
Apr 15, 2016
Messages
60
Points
8
I heard that there was a way log into a VPS quite safe that is using SSH Key to replace the password. As the default setting, each VPS that you log in with, you will need a username root and password that have been sent by your VPS provider when you purchased a VPS package. Therefore, some peopled encouraged me to become familiar with SSH Key to login to VPS but I am new to this, does anyone guide me on how to create and use SSH Key?
 

VirtuBox

Well-known member
Registered
Joined
May 3, 2016
Messages
1,622
Points
83
Yes using SSH key is a good practice to secure a server. You can find a complete guide here. And to avoid useless bruteforce change your ssh port in the file /etc/ssh/sshd_config from 22 to another one. (check there is no service using it)
 

Cort Ammon

Member
Registered
Joined
Jul 8, 2016
Messages
48
Points
8
@Sean101

Creating SSH Key
If you use Windows and using PuTTY to login to your VPS via SSH, you can use the software PuTTY-Gen to generate SSH key, you can download it from here View attachment puttygen.zip

Once your download is complete, choose the options as below and press Generate.

how-to-create-and-use-SSH-Key-1.png

While creating, you need to move the mouse over the blank area as below (under the loading bar)

how-to-create-and-use-SSH-Key-2.png

Once created, you will see it is like this.

how-to-create-and-use-SSH-Key-7.png

Now put the keyphrase for it by filling keypharse above.

how-to-create-and-use-SSH-Key-3.png

Then click Save Private Key and store it in a safe place or on Dropbox and you can use later.

how-to-create-and-use-SSH-Key-4.png

Public key is charaters which starts with ssh-rsa....... This will need to copy to your server in ssh folder in next steps.

Adding public key into VPS

Code:
mkdir ~/.ssh
chmod 0700 ~/.ssh
touch ~/.ssh/authorized_keys
chmod 0644 ~/.ssh/authorized_keys
If ssh folder is created, just start from the command chmod 0700 ~/.ssh

Then open the file authorized_keys in directory .ssh in the user's home directory and copy the entire character of the public key into this file.

Code:
nano ~/.ssh/authorized_keys
Copy public key and right click to paste into authorized_keys file, Ctrl + O to save and Ctrl+X to exit.

Note:
SSH Key will not work if you are enabling SELinux. Please disable SELinux by opening the file /etc/selinux/config

Code:
nano /etc/selinux/config
Find SELINUX = enforcing and replaced with SELINUX = disabled
After that using reboot command to reboot your server

Code:
reboot
To check if SSH key is working or not, just create a new account and at SSH -> Auth, browse your public key file created before

how-to-create-and-use-SSH-Key-5.png

Save this account for next logins

Now when you login to your VPS, it will prompt you the keyphrase and you need to type keyphases to login.

For example, you should see these

Code:
login as: root
Authenticating with public key "rsa-key-20160920"
Passphrase for key "rsa-key-20160920":
Last login: Mon Sep 19 23:34:26 2016 from YOUR_IP
Turn off password function

After the test, if you were able to log on to the server using SSH Key, you can disable the password with following ways

Code:
nano /etc/ssh/sshd_config
and change to

Code:
PasswordAuthentication no
UsePAM no
Hope it helps!
 

Attachments

MooseLucifer

Well-known member
Registered
Joined
May 20, 2016
Messages
149
Points
28
If you are using Linux, you don't need to have PuTTY-Gen to create SSH key, just using your Terminal.

After logged into your root account, type

Code:
ssh-keygen -t rsa
Press Enter when you are being asked where to store key file( the default is /root/.ssh/id_rsa)

Type your passphrase if needed.

Now you will have 2 files id_rsa.pub (public key) and id_rsa (private key) to use.

For example, it should be

Code:
[root@myvps1 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
2c:0c:06:3e:a9:55:0e:d7:e6:8f:cf:93:24:35:8b:c2 [email protected]
The key's randomart image is:
+--[ RSA 2048]----+
|  o o.           |
| . B  o          |
|  = +o           |
| o o o..o        |
|.  .  o=So       |
|    E +.+        |
|     . = .       |
|        =        |
|         .       |
+-----------------+
Using nano command to view public key

For example

Code:
[root@myvps1 ~]# nano /root/.ssh/id_rsa.pub
Code:
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6rK8cgJpAt9beprKDGcWCnsmlaDeiBM7glTydl97iZb05ZYhoKARmDB9dzqBw8HhPv9uepfAa2q8HY21EiEynLrNscYiOlEwEFip0z19rJdfA2KS2647BA16QMrq5lL+bZwgAuBbZbw+ydhjhUdhAIZOiGgOxyhZ$
The next step, you can follow tips from Cort Ammon as above to add public key into your VPS.

Code:
mkdir ~/.ssh
chmod 0700 ~/.ssh
touch ~/.ssh/authorized_keys
chmod 0644 ~/.ssh/authorized_keys

Good luck!
 

livialivia

New member
Registered
Joined
Dec 8, 2016
Messages
1
Points
0
Maybe..BUt if you need to create a strong password you can use Password Manager and it can provide a good one for you
 

HostXNow

Well-known member
Hosting Provider
Registered
Joined
Nov 26, 2014
Messages
374
Points
28
Last edited:

BillEssley

Well-known member
Registered
Joined
Feb 19, 2013
Messages
358
Points
28
Thanks for great article @Cort Ammon

Maybe..BUt if you need to create a strong password you can use Password Manager and it can provide a good one for you
Can I trust Password Manager software?
 
Newer Threads
Replies
7
Views
2,807
fwh
Replies
5
Views
4,025
Replies
1
Views
1,916

Latest Hosting OffersNew Reviews

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top