Well, the title may be a bit tacky, but this is just a simple introduction for beginners to using SSH keys.
Password-based logins are the most trivial way in, but they are less secure (unless you follow all the basic guidelines for generating strong passwords), tedious to manage when you are flooded with many of them, and you have to enter them every time you want to log in. 😑😑
So, what's the alternative? SSH keys (simple, secure and easy to manage).
When you talk about using keys for login, it may at first appear complicated (SSH is the word that haunts), and many would prefer passwords over SSH keys, but let me tell you, it's not that complicated at all if you follow the right guides (I am not promoting myself here… 😁😛).
So let's begin. It's a simple 3-step process, as below.
Step 1 : Generate keys :
If you are on Windows, you will need to install a tool like Git Bash for Windows or an equivalent (I will use Git Bash for Windows). On Mac or Linux you don't need to install anything; just open the terminal and fire up the command below.
> ssh-keygen -t rsa -P paraphrase -f Testkey
(There are ‘n’ options available for the ssh-keygen tool, but we will focus on what's needed for now.)
Let me explain what we are doing here:
“Generate an RSA key pair with the secret (passphrase) “paraphrase” and save it in the file Testkey.”
Note: keep your passphrase strong and secret. Passing it with -P also leaves it in your shell history; if you omit -P, ssh-keygen prompts for the passphrase instead.
Now you have two files, <filename> and <filename.pub>. In my case these are Testkey and Testkey.pub, where Testkey is the private key and Testkey.pub is the public key.
Note: What are the public key and the private key?
Private key: As the name suggests, this is your private identity. Something that only you know, e.g. a birthmark.
Public key: It's your public identity, e.g. your name.
Both of them work in conjunction with each other (one private key has only one public key associated with it). One identifies you publicly and the other verifies that it's actually you.
Step 2: Set up keys on your server:
This is by far the simplest step. You just need to use the ssh-copy-id utility, as below:
> ssh-copy-id -i <yourpubkey.pub> someuser@domainname
Here we are saying: copy my key ‘yourpubkey.pub’ to my domain (domainname) under the user (someuser).
You will be prompted for the user's password (here, someuser). Just type the password and hit Enter. If all goes well, your key will be added to your server.
(I will add a simple post on how to manually add and configure the SSH key at some later point.)
Mac users: if you get an error like "ssh-copy-id not a command", you will need to install it; please follow here for guidelines.
Step 3 : Login with Your keys :
We have now copied the public key to our server and we are ready to log in.
> ssh -i <pathtokey>/<privatekeyname> someuser@domainname
You will be prompted to enter your passphrase from Step 1.
You are done! 🎉🎉
We generated the keys in an arbitrary location, which is not good practice; keys should be kept in the right location with the right permissions.
On Windows it sometimes does not matter, but on systems like Linux or Mac your key will be rejected if it does not have the correct permissions set.
So move your keys to the
/c/Users/<systemname>/.ssh folder on Windows and the
~/.ssh/ folder on Mac or Linux based systems.
Make sure your key has only read permission, no write permission, and belongs to the correct user.
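One way to script the move and the permission check described above. This is an added example, not part of the original post: the helper names (file_mode, install_keypair, key_perms_ok) are hypothetical, and the exact modes 700/400/644 are an assumption consistent with "read-only for the correct user".

```bash
#!/usr/bin/env bash
# Added example. Helper names and the 700/400/644 modes are assumptions.

# Print a file's octal mode (GNU stat first, BSD/macOS stat as fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# install_keypair <private-key> [ssh-dir]
# Locks the key down, then moves <private-key> and <private-key>.pub
# into ssh-dir (default: ~/.ssh).
install_keypair() {
    kp_key=$1
    kp_dir=${2:-"$HOME/.ssh"}
    kp_name=$(basename "$kp_key")
    if [ ! -f "$kp_key" ] || [ ! -f "$kp_key.pub" ]; then
        echo "missing $kp_key or $kp_key.pub" >&2
        return 1
    fi
    mkdir -p "$kp_dir" || return 1
    chmod 700 "$kp_dir" || return 1          # directory: owner only
    chmod 400 "$kp_key" || return 1          # private key: owner read-only
    chmod 644 "$kp_key.pub" || return 1      # public key: world-readable is fine
    mv "$kp_key" "$kp_dir/$kp_name" || return 1
    mv "$kp_key.pub" "$kp_dir/$kp_name.pub" || return 1
}

# key_perms_ok <private-key>
# Succeeds only if the key belongs to the current user and is mode 400.
key_perms_ok() {
    if [ ! -O "$1" ]; then
        echo "$1: not owned by the current user" >&2
        return 1
    fi
    kp_mode=$(file_mode "$1") || return 1
    if [ "$kp_mode" != 400 ]; then
        echo "$1: mode $kp_mode, expected 400" >&2
        return 1
    fi
}

# Usage (after Step 1, run from the directory holding Testkey):
#   install_keypair ./Testkey && key_perms_ok ~/.ssh/Testkey
```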