How To Setup SSH Keys
By far the most secure method of logging into your cloud server via SSH is to use SSH keys. If passwords are too simple, brute-force attacks can eventually crack them. Complicated passwords are difficult to remember, and writing them down negates the purpose of a password.
Using a brute force attack, deciphering SSH keys is nearly impossible. You’ll obtain a pair of very long strings of characters if you produce an SSH key: a public and private key. Public keys are stored on the server you’re attempting to access, and the only way to unlock them is to use the private key that you’ll have with you. SSH utilizes this to verify your identity by ensuring that your private key can unlock the server’s public key.
SSH key pairs
The first step is to create the public and private key combination. To do so, simply open a terminal window on the system you’ll be using to connect to the remote server (most likely your own workstation).
We’ll be utilizing RSA keys in this case. Because the default values are likely to be correct, you can simply hit enter to accept them. You can, however, choose to add a passcode for more security. The pass is a password that unlocks your private key, which means that someone must have both the private key and your pass in order to gain access. If you don’t want to type a password every time, you can choose not to use one.
$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/Users/user/.ssh/id_rsa): test Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /Users/user/.ssh/id_rsa. Your public key has been saved in /Users/user/.ssh/id_rsa.pub.
We now have an id rsa and an id rsa.pub file, which include your private and public keys, respectively, as you can see from the output of the programme. This public key can now be sent to servers that want to use public key authentication.
The SSH software stack includes a handy tool called ssh-copy-id that makes installing SSH keys on your target server a breeze. All you have to do is run the following command, replacing user and host with your remote host’s details.
$ ssh-copy-id user@host
If that command is not available in your operating system, use the following command instead. If you get an error about your.ssh folder not existing, log in to your server and run mkdir /.ssh to create it.
$ cat /Users/user/.ssh/id_rsa.pub | ssh user@host "cat >> ~/.ssh/authorized_keys"
You can now SSH into the server, and you’ll notice that your server won’t ask for any credentials. If you’ve set up a passphrase for your private key, that’s the only thing it’ll ask for.
We provide the option of uploading key pairs to our cloud system (you can upload your public key) and selecting the key pair when constructing your server for our cloud computing clients. It will be automatically added to your server, allowing you to log in with no passwords and without having to go through any of the above steps.