LabEx
Log In Join For Free

Configure Key-Based Authentication for SSH

LinuxLinuxBeginner
Practice Now

Introduction

In this challenge, you will learn how to configure key-based authentication for SSH, which is a more secure alternative to password-based authentication. You will generate a public-private key pair, configure the SSH server to accept key-based authentication, and use the key pair to log in to the SSH server without a password.

Skills Graph

%%%%{init: {'theme':'neutral'}}%%%% flowchart RL linux(("`Linux`")) -.-> linux/BasicSystemCommandsGroup(["`Basic System Commands`"]) linux/BasicSystemCommandsGroup -.-> linux/echo("`Text Display`") subgraph Lab Skills linux/echo -.-> lab-389438{{"`Configure Key-Based Authentication for SSH`"}} end

Generate a Public-Private Key Pair

Tasks

  • Generate a new public-private key pair using the ssh-keygen command.
  • Save the key pair in the default location (~/.ssh/id_rsa and ~/.ssh/id_rsa.pub).
  • Do not set a passphrase for the private key.

Requirements

  • Generate the key pair as the labex user.
  • Use the default file names and locations for the key pair.
  • Do not set a passphrase for the private key.

Example

After generating the key pair, you should see the following files in the ~/.ssh directory:

$ ls -l ~/.ssh
-rw------- 1 labex labex 1679 Apr 12 12:34 id_rsa
-rw-r--r-- 1 labex labex  402 Apr 12 12:34 id_rsa.pub

The id_rsa file contains the private key, and the id_rsa.pub file contains the public key.

Configure the SSH Server to Accept Key-based Authentication

Tasks

  • Edit the SSH server configuration file (/etc/ssh/sshd_config) to enable key-based authentication.
  • Restart the SSH service to apply the changes.

Requirements

  • Edit the sshd_config file as the root user.
  • Uncomment the PubkeyAuthentication and AuthorizedKeysFile lines and set the appropriate values.
  • Restart the sshd service to apply the changes.

Example

After configuring the SSH server, you should be able to log in to the server using the generated key pair without a password.

Summary

In this challenge, you learned how to configure key-based authentication for SSH. You generated a public-private key pair, configured the SSH server to accept key-based authentication, and used the key pair to log in to the SSH server without a password. This method of authentication is more secure than password-based authentication, as it eliminates the risk of password theft or guessing. By completing this challenge, you have gained practical experience in managing SSH security and improving the overall security of your systems.

Other Linux Tutorials you may like

Related Linux Courses
Quick Start with Linux

Quick Start with Linux

LinuxShell
Beginner
Linux for Noobs

Linux for Noobs

LinuxShell
Intermediate
Practice Linux Commands

Practice Linux Commands

LinuxShell
Beginner

We use cookies for a number of reasons, such as keeping the website reliable and secure, to improve your experience on our website and to see how you interact with it. By accepting, you agree to our use of such cookies. Privacy Policy