Comments on Linux Basics: How To Create and Install SSH Keys on the Shell

SSH keys offer a highly secure manner of logging into a server with SSH as against mere dependence on a password. This tutorial shows you how to generate an SSH key pair by using the ssh-keygen command and how to configure the SSH Daemon to only allow logins by key.

5 Comment(s)

Add comment

Please register in our forum first to comment.

Comments

By: brandon
Reply  

thanks, this proved useful! i didnt know ssh-copy-id existed. :s

By: Dreus
Reply  

What to do when there is already a key in ~/.ssh? Is there a risk of overwriting?

By: Daniel
Reply  

What is the Step Two? Can you specify it clearly in the article? Thanks!

By: till
Reply  

There was just a numbering issue in the headlines. Thank you for pointing that out.

By: John
Reply  

Preventing root login is a good thing, but even allowing it by private key is a risk if your client(home,office) system gets compromised.

They could then hop as root user directly on to your server.  A better solution is "PermitRootLogin no" .

Then use a regular (non-root) user (in the wheel group) with a private key to get onto server.  Then "su - root" on the server when required.  Even if the private key for this user is compromised they cannot do any real damaged. Getting used to operating with minimal privedges is a good thing and prevent accidental changes or deliberate malicious behavior your server. 

Lastly, if possible, protect the SSH port by moving it from its default, protect it with a VPN or firewall and use a brute force protection tool on SSH.