ssh keys · ahwx's blog


SSH

SSH is a tool we all (might not) know and love, but configuring it can be a bit tedious. That's where I try to help you with my guide.

Let's make some keys:

Run the following code on the computer you will use to connect to your server:

ssh-keygen

After this, please make a backup to a USB drive or something (or at least back up your .ssh directory). Store this securely, since this will be the access key to your server.

Now, let's copy the key to your server:

ssh-copy-id root@yourdomain.tld

Now you should be able to log in to your server without a password. Try logging in:

ssh root@yourdomain.tld

If that works, you're good!

Otherwise, try this:

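chmod 700 ~/.ssh/                  # directory: owner only
chmod 644 ~/.ssh/id_rsa.pub        # public key
chmod 600 ~/.ssh/id_rsa            # private key: owner read/write only
chmod 644 ~/.ssh/authorized_keys   # this file lives on the server

Now let's log into the server and edit the configuration file (/etc/ssh/sshd_config)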

sudo nvim /etc/ssh/sshd_config

Find the following lines, and make sure they are set to these values.

UsePAM no
ChallengeResponseAuthentication no
PasswordAuthentication no
Port 10018
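
Before reloading, the edited file can be checked against the four values above. This is an added example, not part of the original guide: the function name check_sshd_effective and the sample inputs are made up for illustration, and the function expects the output of sshd -T (sshd's dump of its effective settings) on stdin.

```shell
#!/bin/sh
# Added example: compare sshd's effective settings with this guide's values.
# On the server:  sudo sshd -t && sudo sshd -T | check_sshd_effective
# (sshd -t validates the file; sshd -T prints the effective settings.)

# Reads "keyword value" lines on stdin; prints problems, returns 1 if any.
check_sshd_effective() {
    awk '
        BEGIN {
            want["usepam"] = "no"
            want["passwordauthentication"] = "no"
            want["port"] = "10018"
            # ChallengeResponseAuthentication may be reported under either
            # of these two names depending on the OpenSSH version.
            want["kbdinteractiveauthentication"] = "no"
            want["challengeresponseauthentication"] = "no"
        }
        { key = tolower($1) }
        (key in want) {
            seen[key] = 1
            if ($2 != want[key]) {
                printf "MISMATCH %s: got %s, want %s\n", key, $2, want[key]
                bad = 1
            }
        }
        END {
            # The two interchangeable names are optional; the rest must appear.
            for (k in want) {
                if (k ~ /authentication$/ && k != "passwordauthentication") continue
                if (!(k in seen)) { printf "MISSING %s\n", k; bad = 1 }
            }
            exit bad + 0
        }
    '
}

# Constructed sample inputs in sshd -T format (not captured from a real host).
sample_hardened() {
    printf '%s\n' 'port 10018' 'usepam no' 'passwordauthentication no' \
        'kbdinteractiveauthentication no' 'permitrootlogin yes'
}
sample_default() {
    printf '%s\n' 'port 22' 'usepam yes' 'passwordauthentication yes' \
        'kbdinteractiveauthentication no'
}

sample_hardened | check_sshd_effective && echo "hardened sample: OK"
sample_default | check_sshd_effective || echo "default sample: needs changes"
```

Because sshd -T reads the file on disk rather than the running daemon, a clean result here means the reload will pick up the intended values.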

Let's reload the SSH configuration on the server to see if everything is working as expected, type:

systemctl reload sshd

You should validate that everything is working by opening a new terminal window and checking that you can SSH into your server without issues. If that works, you're golden. Otherwise, don't log out of your existing session, and check what failed. Searching online helps too :)! You should use the "-p 10018" flag to indicate that we want to use port 10018.

Client side

The things you do on your local machine.

Make a file called "config" in the "~/.ssh" directory.

You are now able to enter the following content (with your server details, of course):

Host server
  HostName yourdomain.tld
  User root
  IdentityFile ~/.ssh/id_rsa
  Port 10018

If you've done this correctly (and I didn't make any errors whilst making this post), you can now log into your server using ssh server.