Setting up authorization on the server with SSH key.

Creating SSH keys for secure login to your server

Setting up a secure SSH connection starts with creating a public and private key. This is especially important when working with a VPS or a dedicated server, where secure access is critical. Once generated, the public key is copied to the server, while the private key stays safely on your local machine.

Generating a Key Pair

To create the keys, run:

ssh-keygen -t ed25519

Note

If you're using an older system that doesn't support Ed25519, use ssh-keygen -t rsa -b 4096

The program will ask you to specify a directory to save the keys and prompt you for a passphrase. Press Enter to accept the default settings; the keys will be saved in the .ssh directory in your home folder.

To navigate to the key directory, run:

cd ~/.ssh

You should see two files:

  • id_rsa — your private key
  • id_rsa.pub — your public key

Store the private key in a secure location and transfer the public key to the server.

Copying the Public Key to the Server

Append the contents of id_rsa.pub to the authorized_keys file on the server:

cat id_rsa.pub >> ~/.ssh/authorized_keys

Configuring the OpenSSH Server

Open the server’s SSH configuration file:

nano /etc/ssh/sshd_config

Make sure the following settings are in place:

PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
PasswordAuthentication no

Set the correct permissions:

chmod 700 ~/.ssh/
chmod 600 ~/.ssh/authorized_keys

Reload the SSH server to apply the changes:

systemctl reload sshd

At this point, the server-side setup is complete.

Configuring SSH on Linux Clients

For convenient access, create a ~/.ssh/config file and add:

Host server.net
IdentityFile ~/.ssh/keys/id_rsa

Set proper permissions for the config file:

chmod 600 ~/.ssh/config

To connect to the server, run:

ssh user@server.net

If you want to specify the key manually, use:

ssh -i ~/.ssh/id_rsa user@server.net

Your SSH key-based authentication is now set up. Access is secure, and passwords are no longer required.

Need help?Our engineers will help you free of charge with any question in minutesContact us