Securing SSH with Keys

To Secure your server you need to make sure that remote access system such as SSH ( Secure Shell) is secure. In this Howto i will show you how you can secure your Server with SSH keys.


Generate SSH keys on your local system.

linux-06ac:~ # ssh-keygen -t rsa
 Generating public/private rsa key pair.
 Enter file in which to save the key (/root/.ssh/id_rsa):

Enter passphrase (empty for no passphrase): 
 Enter same passphrase again: < Repeat the Password >
 Your identification has been saved in /root/.ssh/id_rsa.
 Your public key has been saved in /root/.ssh/
 The key fingerprint is:
 0b:31:08:e4:jb:9e:0f:00:12:42:7e:00:1b:0d:0c:34 [MD5] root@linux-06ac
 The key's randomart image is:
 +--[ RSA 2048]----+
 |..oA |
 |+ oP- |
 |.+o+ . |
 |..+... |
 | ...o . B |
 | +. . oo |
 | . .. o |
 | . ..... |
 | o... |

The above will Generate public and private key pairs.

Step 2:

Copy the public key to the server where you wish to ssh and the mention the user with which you want to connect.

 linux-06ac:~ # ssh-copy-id -i /root/.ssh/ itpings@

Step 3:

It will ask the password for the user itpings

Step 4:

On Server Change the following in /etc/ssh/sshd_config

PermitRootLogin no
PasswordAuthentication no

Save and Exit.

All done.

Now your Server is secure and only accessible from your local system. Please note that, if you have provided the passphrase for extra security , it will always ask for that passphrase.

Now you can test the system by trying to connect it from various computers and then from you local computer to make sure that everything is setup as per desire.