SSH Key Authentication Ubuntu 20.04
Prerequisites
- Basic networking knowledge
- Linux command line
What You'll Learn
- Implement IT security best practices
- Configure network security and certificates
Oct 31, 2021
#### In the video below, we show how to create and authorize SSH ed25519 keys to log in to a Linux server, running Ubuntu Server 20.04 for example
SSH keys are a more secure method of authentication than using a username and password, and ed25519 is a more modern and less intensive algorithm than RSA.
We show how to generate an SSH key pair, how to upload the public key to the server, how to disable password authentication on the server to enforce SSH key authentication, and how to create a config file to simplify logins, for instance when you have multiple keys.
Useful links:
https://www.ssh.com/academy/ssh/config
Steps taken:
- Generate SSH key pair on workstation

cd ~/.ssh
ssh-keygen -t ed25519 -f test-key -C "test@test.com"

Where ed25519 is the key type (signature algorithm) we’ll use, test-key is the identity we’ll give this key pair and test@test.com is a comment we’ll attach to the key.

- Distribute and authorize key for authentication

ssh-copy-id -i test-key test@192.168.1.20

Where test-key is the identity of the key we want to authorize for the user account test on the server 192.168.1.20.

- Disable password authentication on server

sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
sudo nano /etc/ssh/sshd_config

Look for a line saying

PasswordAuthentication yes

Change this to

PasswordAuthentication no

NOTE: Ubuntu servers have one line with this commented out and another which is active. We want to change the active one.

Restart SSH

sudo systemctl restart sshd

Then check the service is still working

sudo systemctl status sshd

- Use the SSH config file on the workstation to manage multiple keys

touch config
chmod 600 config
nano config

Host *
    IdentitiesOnly yes

Host server1
    HostName 192.168.1.20
    User test
    IdentityFile "/home/fred/.ssh/test-key"

Host server2
    HostName server2.test.com
    User prod
    IdentityFile "/home/fred/.ssh/prod-key"

NOTE: In the above example, Fred is the user account we’re logged into on the workstation where SSH is being used, but we log in to different servers using different user names and different keys.
These are just examples of what is possible, though, as it is not recommended to leave usernames in the config file in case somebody gains access to it.
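
To confirm that the "Disable password authentication" step above took effect, this added example (not from the original post) checks the configuration sshd actually resolves, as printed by `sshd -T`, rather than the text of the file; sshd uses the first value it reads for each keyword, so an earlier line or an included file can override the edit. The function name audit_sshd_effective and the sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Added example. audit_sshd_effective is a hypothetical helper name.
# Reads `sshd -T` output (lowercase "keyword value" lines) on stdin and
# returns 0 only if key-only login is what sshd will really enforce.
audit_sshd_effective() {
    awk '
        $1 == "passwordauthentication" { pw = $2 }
        $1 == "pubkeyauthentication"   { pk = $2 }
        # keyboard-interactive (PAM) can still prompt for a password;
        # the keyword name differs between OpenSSH releases
        $1 == "kbdinteractiveauthentication"    && $2 == "yes" { kbd = "yes" }
        $1 == "challengeresponseauthentication" && $2 == "yes" { kbd = "yes" }
        END {
            bad = 0
            if (pw != "no")   { print "FAIL passwordauthentication=" pw; bad = 1 }
            if (pk != "yes")  { print "FAIL pubkeyauthentication=" pk " (lockout risk)"; bad = 1 }
            if (kbd == "yes") { print "FAIL keyboard-interactive still enabled"; bad = 1 }
            if (!bad) print "OK key-only authentication enforced"
            exit bad
        }
    '
}

# Constructed sample: sshd_config was edited, but a value read earlier still wins
sample_overridden='passwordauthentication yes
pubkeyauthentication yes
challengeresponseauthentication no'

# Constructed sample: the state the tutorial is aiming for
sample_hardened='passwordauthentication no
pubkeyauthentication yes
challengeresponseauthentication no'

printf '%s\n' "$sample_overridden" | audit_sshd_effective || echo "=> password logins still possible"
printf '%s\n' "$sample_hardened" | audit_sshd_effective

# On the server, validate syntax before restarting, then audit the live config:
#   sudo sshd -t && sudo sshd -T | audit_sshd_effective
# Without -C, sshd -T reports the global settings, not Match block overrides.
```

Keep the existing session open and confirm a key login from a second terminal before closing it.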