When you connect to a host via SSH, you’ll be asked for your password, and after you authenticate you’ll be connected. Instead of using your password though, you can authenticate via Public Key Authentication instead.
The benefit to this is added security, as your system password is never transmitted during the process of connecting to the server.
Creating SSH keys
Step 1 : you’ll first need to generate your key. To do so, use the ssh-keygen command as your normal user account.
- First, you’ll be asked for the directory in which to save your key files, defaulting to /home/user/.ssh.
- You’ll next be asked for a passphrase, which is optional. You can press Enter for the passphrase without entering one if you do not want this.
Step 2: It will create two files, id_rsa and id_rsa.pub.
- The id_rsa file is your private key.
- id_rsa.pub : The public key is the key that gets copied to other servers to facilitate you being able to log in via the key-pair. When you log in to a server that has your key, it checks that it’s a mathematical match to your private key, and then lets you log in
Copy the Public Key to the Server
Step 1 : To actually transmit your public key to a target server, we use the ssh-copy-id command. In the following example, I’ll show a variation of the command that’s copying the key to a server email@example.com
ssh-copy-id -i ~/.ssh/id_rsa.pub firstname.lastname@example.org
Step 2 : The contents of ~/.ssh/id_rsa.pub on your machine are copied into the ~/.ssh/authorized_keys file on the target server. With each additional key you add (for example, you connect to that server from multiple machines), the key is added to the end of the authorized_keys file, one per line.
Step 3 : Authenticate to your Server Using SSH Keys