Adding an SSH key to a server
Posted on Mon 07 August 2023 in Linux
بِسْمِ ٱللَّٰهِ ٱلرَّحْمَٰنِ ٱلرَّحِيمِ
This guide will explain how to add an SSH key to a remote server/container that has Linux installed on it. The user will then be able to connect from the host machine (where the key was generated) to the remote server.
The instructions should work on most Linux distros.
Generate your SSH key on your local PC
Run this command in any terminal software (like Yakuake, Konsole, Xterm or GNOME Terminal):
ssh-keygen -t rsa -b 4096 -C "add any comment you wish here"
Follow the prompts and remember to enter the full file-path for the key + its name when asked where to save the key to:
/path/to/.ssh/my_new_key
In the .ssh/
folder, 2 files should now exist:
-
my_new_key
-
my_new_key.pub
Add SSH key to remote server/container
Now connect to your remote server. Without an existing key, the way to connect to a remote server will be via a password, like:
ssh root@<some-ip-address>
It is advisable to restrict root access and create a user. In this guide we will assume the new user is called 'ubuntu'.
As the 'ubuntu' user run these commands:
cd
mkdir .ssh
chmod 700 .ssh/
cd .ssh/
touch authorized_keys
chmod 600 authorized_keys
Now open the my_new_key.pub
file on your local PC.
Then run this command on the server to open and edit the authorized_keys
file:
nano authorized_keys
Copy and paste the entire contents of my_new_key.pub
into authorized_keys
Close the file by pressing CTRL + X
and saving.
Test the connection by running this command on your local PC:
ssh -i ~/.ssh/my_new_key -p 22 ubuntu@<server-IP-address>
Bonus: adding the SSH info to your local PC SSH config file
On your local PC, open the following file .ssh/config
using any text editor. Add the following text to this config file:
IdentitiesOnly yes
Host new-server
HostName <server-IP-address>
Port 22
User ubuntu
IdentityFile ~/.ssh/my_new_key
Host *
ForwardAgent no
IdentitiesOnly yes
It should now be possible to SSH to the server like so:
ssh ubuntu@new-server
For any errors, send me an email or contact me via Mastodon.
If you don't know how to use RSS and want email updates on my new content, consider Joining my Newsletter
The original content of this blog is a Waqf solely for the Pleasure of Allah. You are hereby granted full permission to copy, download, distribute, publish and share this content without modification under condition that full attribution is given to this author by creating a link either above or below the content that links back to the original source of the content. For any questions or ambiguity, you are requested to contact me via email for clarification.