SSH Keys: The Complete Guide

SSH keys are the gold standard for securing your server access. They're more secure than passwords and more convenient once set up. This guide covers everything from generating keys to disabling passwords.

Why SSH Keys?

• Impossible to brute force
• No password to remember or steal
• Works with automation
• Required for best security practices

Generating SSH Keys

Ed25519 (Recommended)

ssh-keygen -t ed25519 -C "your@email.com"

RSA (Legacy)

ssh-keygen -t rsa -b 4096 -C "your@email.com"

Copying Your Key to a Server

Method 1: ssh-copy-id

ssh-copy-id username@server-ip

Method 2: Manual

cat ~/.ssh/id_ed25519.pub | ssh username@server-ip "mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat >> ~/.ssh/authorized_keys"

Connecting with SSH Keys

ssh username@server-ip

SSH Config File

~/.ssh/config

Host myserver
    HostName server-ip
    User username
    IdentityFile ~/.ssh/id_ed25519

Disabling Password Authentication

sudo nano /etc/ssh/sshd_config

PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM no

sudo systemctl restart sshd

Your server is now secure with key-based authentication only!