Setting up authorization on the server with SSH key.
Creating SSH keys for secure login to your server
Setting up a secure SSH connection starts with creating a public and private key. This is especially important when working with a VPS or a dedicated server, where secure access is critical. Once generated, the public key is copied to the server, while the private key stays safely on your local machine.
Generating a Key Pair
To create the keys, run:
ssh-keygen -t ed25519
Note
If you're using an older system that doesn't support Ed25519, use ssh-keygen -t rsa -b 4096
The program will ask you to specify a directory to save the keys and prompt you for a passphrase. Press Enter to accept the default settings; the keys will be saved in the .ssh directory in your home folder.
To navigate to the key directory, run:
cd ~/.ssh
You should see two files:
- id_rsa — your private key
- id_rsa.pub — your public key
Store the private key in a secure location and transfer the public key to the server.
Copying the Public Key to the Server
Append the contents of id_rsa.pub to the authorized_keys file on the server:
cat id_rsa.pub >> ~/.ssh/authorized_keys
Configuring the OpenSSH Server
Open the server’s SSH configuration file:
nano /etc/ssh/sshd_config
Make sure the following settings are in place:
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
PasswordAuthentication no
Set the correct permissions:
chmod 700 ~/.ssh/
chmod 600 ~/.ssh/authorized_keys
Reload the SSH server to apply the changes:
systemctl reload sshd
At this point, the server-side setup is complete.
Configuring SSH on Linux Clients
For convenient access, create a ~/.ssh/config file and add:
Host server.net
IdentityFile ~/.ssh/keys/id_rsa
Set proper permissions for the config file:
chmod 600 ~/.ssh/config
To connect to the server, run:
ssh user@server.net
If you want to specify the key manually, use:
ssh -i ~/.ssh/id_rsa user@server.net
Your SSH key-based authentication is now set up. Access is secure, and passwords are no longer required.