Also Part of: Hardening Linux Servers
ssh-keygen -t rsa
Go to .ssh under your home directory
cd ~/.ssh
Info: In case you don't have a “.ssh” directory, create it and set the permissions to 700
mkdir .ssh && sudo chmod 700 .ssh
Inside you should have a file called “authorized_keys”. If you do not, make it and set the permissions to 600
touch authorized_keys && sudo chmod 600 authorized_keys
Copy your public key from *.pub to authorized_keys. It should look something like this:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDVtv5prVJ[.....]
ssh-copy-id user@remote-host
Important! Be 110% sure the passwordless login works, else you will lock yourself out.
Edit the file “sshd_config”
nano /etc/ssh/sshd_config
Update / Confirm the following 3 values:
PasswordAuthentication no ChallengeResponseAuthentication no UsePAM no
Restart the service with:
sudo systemctl restart sshd
sudo nano ~/.ssh/config
~/.ssh/config eg:
Host opportunity HostName 10.20.30.40 User remoteUser IdentityFile ~/.ssh/privateKey
Connect with:
ssh opportunity