/etc/ssh/sshd_config
configuration file in a text editor, and change the PasswordAuthentication
option as follows:
PasswordAuthentication no
ssh
, scp
, or sftp
to connect to the server from a client machine, generate an authorization key pair by following the steps below. Note that keys must be generated for each user separately.
Do not generate key pairs as root
root
, only root
will be able to use the keys.
Backup your ~/.ssh/ directory
~/.ssh/
directory. After reinstalling, copy it back to your home directory. This process can be done for all users on your system, including root
.
~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/john/.ssh/id_rsa):
~/.ssh/id_rsa
) for the newly created key.
Your identification has been saved in /home/john/.ssh/id_rsa. Your public key has been saved in /home/john/.ssh/id_rsa.pub. The key fingerprint is: e7:97:c7:e2:0e:f9:0e:fc:c4:d7:cb:e5:31:11:92:14 john@penguin.example.com The key's randomart image is: +--[ RSA 2048]----+ | E. | | . . | | o . | | . .| | S . . | | + o o ..| | * * +oo| | O +..=| | o* o.| +-----------------+
~/.ssh/
directory:
~]$ chmod 755 ~/.ssh
~/.ssh/id_rsa.pub
into the ~/.ssh/authorized_keys
on the machine to which you want to connect, appending it to its end if the file already exists.
~/.ssh/authorized_keys
file using the following command:
~]$ chmod 644 ~/.ssh/authorized_keys
~]$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/john/.ssh/id_dsa):
~/.ssh/id_dsa
) for the newly created key.
Your identification has been saved in /home/john/.ssh/id_dsa. Your public key has been saved in /home/john/.ssh/id_dsa.pub. The key fingerprint is: 81:a1:91:a8:9f:e8:c5:66:0d:54:f5:90:cc:bc:cc:27 john@penguin.example.com The key's randomart image is: +--[ DSA 1024]----+ | .oo*o. | | ...o Bo | | .. . + o. | |. . E o | | o..o S | |. o= . | |. + | | . | | | +-----------------+
~/.ssh/
directory:
~]$ chmod 775 ~/.ssh
~/.ssh/id_dsa.pub
into the ~/.ssh/authorized_keys
on the machine to which you want to connect, appending it to its end if the file already exists.
~/.ssh/authorized_keys
file using the following command:
~]$ chmod 644 ~/.ssh/authorized_keys
~]$ ssh-keygen -t rsa1
Generating public/private rsa1 key pair.
Enter file in which to save the key (/home/john/.ssh/identity):
~/.ssh/identity
) for the newly created key.
Your identification has been saved in /home/john/.ssh/identity. Your public key has been saved in /home/john/.ssh/identity.pub. The key fingerprint is: cb:f6:d5:cb:6e:5f:2b:28:ac:17:0c:e4:62:e4:6f:59 john@penguin.example.com The key's randomart image is: +--[RSA1 2048]----+ | | | . . | | o o | | + o E | | . o S | | = + . | | . = . o . .| | . = o o..o| | .o o o=o.| +-----------------+
~/.ssh/
directory:
~]$ chmod 755 ~/.ssh
~/.ssh/identity.pub
into the ~/.ssh/authorized_keys
on the machine to which you want to connect, appending it to its end if the file already exists.
~/.ssh/authorized_keys
file using the following command:
~]$ chmod 644 ~/.ssh/authorized_keys
Never share your private key
ssh-agent
authentication agent. To save your passphrase for a certain shell prompt, use the following command:
~]$ ssh-add
Enter passphrase for /home/john/.ssh/id_rsa: