Skip to main content

2. Setting up key-based authentication

Key-based authentication is where the client machine authenticates with the host using a long string of alphanumeric characters. Private Key is like the password and the public key is stored on the server. The server checks for the match between the two before authenticating. This is a much more secure manner of logging in via ssh into your server.

Steps to set up key-based authentication:

To Generate a key pair:

ssh-keygen -t RSA -b 4096 -m PEM

It will then ask you for a prompt for a passphrase. You can think of this as a second-factor of authentication. You can leave this blank if you wish.

This will paste the id_rsa private key file and the id_rsa.pub in the ./.ssh directory of your home user.

Copying Public Key to host machine from client machine:

ssh-copy-id username@host-machine-ip

You will next be prompted to enter the password of that username. Enter it and you're done. Try logging in via into the server, and you should be right in, or it will trigger an entry for the passphrase if you set one.

Back to top