Atlantic.Net Blog

How to Set Up SSH Keys on Ubuntu 18.04

Hitesh Jethva
by Atlantic.Net (64posts) under VPS Hosting
0 Comments

SSH stands for “Secure Shell” and is an encrypted protocol used to log in and manage a remote server. SSH also supports various authentication mechanisms. SSH uses password-based authentication and public key-based authentication for a secure connection between a client and a server. SSH key-based authentication is more secure than password-based authentication because keys are very hard to guess or crack using currently available computing power.

In this tutorial, we will show you how to set up SSH key-based authentication on an Ubuntu 18.04 server.

Prerequisites

  • Two fresh Ubuntu 18.04 VPS on the Atlantic.Net Cloud Platform.
  • Root passwords configured on both servers.

Step 1 – Create an Atlantic.Net Cloud Server

First, log in to your Atlantic.Net Cloud Server.  Create a new server, choosing Ubuntu 18.04 as the operating system with at least 2GB RAM. Connect to your Cloud Server via SSH and log in using the credentials highlighted at the top of the page.

Once you are logged into your Ubuntu 18.04 server, run the following command to update your base system with the latest available packages.

apt-get update -y
apt-get upgrade -y

Step 2 – Generate the SSH Key on the Client Machine

First, log in to your client machine and generate a new SSH key pair by running the following command:

ssh-keygen -t rsa

You will need to press Enter to accept the default file location and provide a passphrase to add an extra layer of security, as shown below:

Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
cd:58:c4:35:60:6f:a4:2e:f0:b7:42:c5:20:78:86:b2 [email protected]
The key's randomart image is:
+--[ RSA 2048]----+
|     o. ..+o+    |
|  . o o. =.+ .   |
|   o o.   = o    |
|  E    o B .     |
|        S =      |
|       . o .     |
|        . .      |
|         .       |
|                 |
+-----------------+

The above command will generate a 2048-bit RSA key pair with a secure passphrase to prevent unauthorized users from logging in.

You can see the generated public and private keys with the following command:

ls -l .ssh/id_rsa*

You should see the following output:

-rw------- 1 root root 1766 Nov  1 11:03 .ssh/id_rsa
-rw-r--r-- 1 root root  401 Nov  1 11:03 .ssh/id_rsa.pub

At this point, you have public and private keys that you can use to authenticate with your Ubuntu server.

Step 3 – Copy the Public Key to the Ubuntu Server

Next, you will need to copy the public key from the client machine to your Ubuntu 18.04 server. You can copy the public key with ssh-copy-id utility as shown below:

ssh-copy-id [email protected]

You should see the following output:

The authenticity of host '192.168.0.102 (192.168.0.102)' can't be established.
ECDSA key fingerprint is f7:9c:72:63:33:ac:d6:49:26:9c:af:c6:ff:11:27:01.
Are you sure you want to continue connecting (yes/no)? yes

Type “yes” and press ENTER to continue. You should see the following output:

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password:

Next, you will be prompted to enter the remote username and password. After the successful authentication, the content of the public key ~/.ssh/id_rsa.pub will be appended to the remote user ~/.ssh/authorized_keys file as shown below:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.

Step 4 – Disable SSH Password Authentication

Next, log in to your Ubuntu 18.04 server machine and disable SSH password-based authentication to add an extra layer of security to your server.

You can disable password-based authentication by editing the file /etc/ssh/sshd_config:

nano /etc/ssh/sshd_config

Find the following lines and change the value to “no”:

PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM no

Save and close the file, then restart SSH service to apply the configuration:

systemctl restart ssh

Step 5 – Log in to the Server using SSH Keys

At this point, SSH key-based authentication is configured. Now it’s time to log in to the Ubuntu 18.04 server machine with the public key.

You can login to your Ubuntu 18.04 server by simply running the following command:

ssh [email protected]

If you are logging in for the first time, you will be prompted as shown below:

The authenticity of host '192.168.0.102 (192.168.0.102)' can't be established.
ECDSA key fingerprint is f7:9c:72:63:33:ac:d6:49:26:9c:af:c6:ff:11:27:01.
Are you sure you want to continue connecting (yes/no)? yes

Type Yes and hit Enter key to continue. Next, you will be prompted to enter the passphrase for your private key as shown below:

Enter passphrase for key '/root/.ssh/id_rsa':

Provide your private key passphrase and hit Enter to log in to your server.

Conclusion

In the above tutorial, we learned how to set up an SSH key-based authentication with a passphrase on Ubuntu 18.04. The connection between your client machine and Ubuntu 18.04 server machine is now highly secure. You can also use the same key for another remote server. If you’re ready to get started with SSH key-based authentication, try VPS hosting with Atlantic.Net today.

Get A Free To Use Cloud VPS

Free Tier Includes:
G2.1GB Cloud VPS Free to Use for One Year
50 GB of Block Storage Free to Use for One Year
50 GB of Snapshots Free to Use for One Year


Looking for a Hosting Solution?

We Provide Cloud, Dedicated, & Colocation.

  • Seven Global Data Center Locations.
  • Flexible Private, Public, & Hybrid Hosting.
  • 24x7x365 Security, Support, & Monitoring.
Contact Us Now! Med Tech Award FTC
SOC Audit HIPAA Audit HITECH Audit

Recent Posts

Get started with 12 months of free cloud VPS hosting

Free Tier includes:
G2.1GB Cloud VPS Server Free to Use for One Year
50 GB of Block Storage Free to Use for One Year
50 GB of Snapshots Free to Use for One Year


New York, NY

100 Delawanna Ave, Suite 1

Clifton, NJ 07014

United States

San Francisco, CA

2820 Northwestern Pkwy,

Santa Clara, CA 95051

United States

Dallas, TX

2323 Bryan Street,

Dallas, Texas 75201

United States

Ashburn, VA

1807 Michael Faraday Ct,

Reston, VA 20190

United States

Orlando, FL

440 W Kennedy Blvd, Suite 3

Orlando, FL 32810

United States

Toronto, Canada

20 Pullman Ct, Scarborough,

Ontario M1X 1E4

Canada

London, UK

14 Liverpool Road, Slough,

Berkshire SL1 4QZ

United Kingdom

Resources