Generating an SSH Key and Copying it to Remote Server
mkdir ~/.ssh && chmod 700 ~/.ssh touch ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys # copy key.pub to authorized_keys # nano /etc/ssh/sshd_config service ssh reload
Generate the Key (on local server)
cd ~/.ssh && ssh-keygen -t ed25519
Ed25519 is a newer algorithm which is faster than
RSA. Ed25519 is supported by OpenSSH so you should be good in almost all cases. Github recommends passing it your email with
-C which is then uses as a label.
cd ~/.ssh && ssh-keygen -t ed25519 -C "firstname.lastname@example.org"
Making Sure the Remote Server Accepts SSH Keys
view the server’s sshd_config file
Check the following:
RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile ~/.ssh/authorized_keys
Making sure the .ssh folder and authorized_keys file exists on Remote server
sudo mkdir ~/.ssh && sudo touch ~/.sh/authorized_keys
Setting Permission on Remote Server
sudo chmod go-w ~/ && sudo chmod 700 ~/.ssh && sudo chmod 600 ~/.ssh/authorized_keys
Copying SSH Public Key from Local to Remote Server
cat ~/.ssh/id_ed25519.pub | ssh email@example.com "cat >> ~/.ssh/authorized_keys"
id_ed25519.pub with your generated key.
- make sure the authorized_keys file isn’t empty.
- make sure you copied the correct authorized_keys file (.pub file that is)
- make sure the user you are connecting to owns the .ssh folder and the authorized_keys file
- make sure the permissions for the .ssh (700) folder and the authorized_keys (600) file are correct on the remote server
- make sure the path given in ‘sshd_config’ is correct.
~/.ssh/authorized_keysare different if the user you are connecting to isn’t root.
~/.ssh/authorized_keysis preferred since it is relative to the user.