Secure Shell (SSH) is an encrypted network protocol designed to make secure connections between clients and servers.
The two most popular methods of SSH authentication are password-based authentication and public key-based authentication. Using SSH keys is usually more secure and convenient than traditional password authentication.
This article describes how to generate SSH keys on CentOS 8. We will show you how to set up an SSH key and connect to a remote server without using a password.
1. Creating SSH keys on CentOS
It is likely that you already have an SSH key pair on your CentOS client. If you are generating a new key pair, the old one will be overwritten.
Run the following ls command to check if the key file exists.
ls -l ~/.ssh/id_*.pub
If the command line output is something like: No such file or directory or no matches found, it means that the user does not have an SSH key pair, and you can proceed to the next step to generate an SSH key pair.
Otherwise, if you already have an SSH key pair, you can use it directly, or back up the old one and generate a new one.
To generate a 4096-bit SSH key pair using your email address as a comment, enter the following command.
ssh-keygen -t rsa -b 4096 -C "your_email@domain.com"
You will be prompted to specify the file name.
Enter file in which to save the key (/home/yourusername/.ssh/id_rsa):
Press Enter to accept the default file location and file name.
In the next step, you will be asked to enter a passphrase. Whether you set a passphrase or not is entirely up to you. Setting a passphrase makes the key more secure. If you do not want a passphrase, press Enter.
Enter passphrase (empty for no passphrase):
The whole interaction looks like this.
To verify that your new SSH key pair has been generated, enter:
ls ~/.ssh/id_*
Output.
/home/yourusername/.ssh/id_rsa /home/yourusername/.ssh/id_rsa.pub
2. Copy the public key to the server
Now that the SSH key has been generated, the next step is to copy the public key to the server you want to manage.
The easiest and most recommended way to copy the public key to a remote server is to use the ssh-copy-id tool. In your local machine terminal type.
ssh-copy-id remote_username@server_ip_address
This command will ask you to enter the remote_username password:
remote_username@server_ip_address's password:
Once the user is authenticated, the public key file (~/.ssh/id_rsa.pub) will be appended to the remote user's ~/.ssh/authorized_keys file, and the connection will be closed.
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'username@server_ip_address'"
and check to make sure that only the key(s) you wanted were added.
If ssh-copy-id is not available on your local computer, use the following command to copy the public key.
cat ~/.ssh/id_rsa.pub | ssh remote_username@server_ip_address "mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"
3. Log in to your server using SSH key
After completing the above steps, you should be able to log in to the remote server directly without entering a password.
To verify it, try logging in to your server via SSH:
ssh remote_username@server_ip_address
If you did not set a passphrase for your private key, you will be able to log in to the server very quickly. Otherwise, you will be asked to enter your passphrase.
4. Disable Password Authentication
To make the remote server more secure, you can disable SSH password authentication.
Before proceeding, make sure that you can log in to your server as a sudo privileged user without using a password.
Follow the steps below to disable SSH password authentication.
01. Log in to your remote server.
ssh sudo_user@server_ip_address
02. Use your text editor to open the SSH configuration file /etc/ssh/sshd_config:
sudo nano /etc/ssh/sshd_config
03. Search for the following directives and modify them as follows.
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM no
04. When finished, save the file and restart the SSH server by entering:
sudo systemctl restart sshd
Now, password-based authentication is disabled.
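One way to confirm the effect of step 4 is to check the server's effective settings with sshd's test modes (`sshd -t` checks syntax, `sshd -T` prints the effective configuration) before restarting. The script below is an added example, not part of the original article; `check_sshd_effective` is a hypothetical helper name and the sample inputs are constructed.

```shell
# Added example (not from the original article). check_sshd_effective is a
# hypothetical helper: it reads `sshd -T` output (lowercase "key value"
# lines) on stdin and returns non-zero if password logins are still possible.
# On the server: sudo sshd -t && sudo sshd -T | check_sshd_effective
check_sshd_effective() {
    awk '
        BEGIN {
            bad = 0
            want["passwordauthentication"] = "no"
            want["pubkeyauthentication"] = "yes"
            # Same setting under its older and newer OpenSSH name.
            want["challengeresponseauthentication"] = "no"
            want["kbdinteractiveauthentication"] = "no"
        }
        {
            key = tolower($1)
            if (!(key in want)) next
            seen[key] = 1
            if (tolower($2) == want[key]) {
                printf "ok    %s %s\n", key, $2
            } else {
                printf "FAIL  %s is %s, expected %s\n", key, $2, want[key]
                bad = 1
            }
        }
        END {
            # A setting that is never reported must not count as a pass.
            n = split("passwordauthentication pubkeyauthentication", req, " ")
            for (i = 1; i <= n; i++)
                if (!(req[i] in seen)) {
                    printf "FAIL  %s not reported\n", req[i]
                    bad = 1
                }
            exit bad
        }
    '
}

# Constructed samples of `sshd -T` output, not captured from a real server.
sample_hardened='passwordauthentication no
pubkeyauthentication yes
challengeresponseauthentication no'
sample_weak='passwordauthentication yes
pubkeyauthentication yes
challengeresponseauthentication no'
printf '%s\n' "$sample_hardened" | check_sshd_effective && echo "=> safe to restart sshd"
printf '%s\n' "$sample_weak" | check_sshd_effective || echo "=> fix sshd_config first"
```

`sshd -T` reports the global settings; values set inside Match blocks are only evaluated when a connection spec is passed with `-C`.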
5. Summary
We showed you how to generate a new SSH key pair and set up SSH-based authentication. You can use the same key to manage multiple remote servers. You have learned how to disable password authentication and increase the security of your server.
By default, SSH listens on port 22, and changing this default SSH port reduces the risk of automated attacks. To simplify your workflow, use the SSH configuration file to define all SSH connections.