How to Set Up SSH Keys for Secure Server Access

In server management and cloud environments, using SSH keys instead of passwords is a best practice for improving both security and efficiency. SSH keys provide a secure, password-less way to access your servers and automate workflows without compromising safety.

This guide walks you through the steps to generate, configure, and use SSH keys on your local machine for secure remote server access.

What Is an SSH Key?

An SSH key is a pair of cryptographic keys: a public key and a private key. The public key is placed on the server, while the private key remains on your local device. When you attempt to connect, the server uses the public key to verify that the private key matches, allowing secure access.

Advantages of Using SSH Keys

• Stronger security than traditional passwords
• Enables automated processes and scripts
• Prevents brute-force password attacks
• Easier to manage and revoke access

Step-by-Step Guide to Set Up SSH Keys

1. Generate an SSH Key Pair

Open your terminal and run:

ssh-keygen -t rsa -b 4096 -C "your_email@example.com"

This will generate your key pair. You’ll be prompted to select a file location (press Enter to accept default) and optionally set a passphrase for added security.

2. Locate the SSH Keys

By default:

• Private key: ~/.ssh/id_rsa
• Public key: ~/.ssh/id_rsa.pub

3. Add the Public Key to the Server

Use the following command to copy your public key to the remote server:

ssh-copy-id username@server_ip

If ssh-copy-id is not available, use this manual method:

cat ~/.ssh/id_rsa.pub | ssh username@server_ip "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"

Set correct permissions on the server:

chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

4. Test the SSH Key Login

Now log in using:

ssh username@server_ip

If everything is correct, you’ll access the server without entering a password.

5. Optional: Disable Password Authentication

To enforce key-only access:

1. Edit the SSH server configuration:

sudo nano /etc/ssh/sshd_config

2. Update or add the following lines:

PasswordAuthentication no
PermitRootLogin no

3. Restart the SSH service:

sudo systemctl restart sshd

Managing Multiple Keys

If you’re working with multiple servers, use the SSH config file:

Host myserver
    HostName 192.168.1.100
    User deploy
    IdentityFile ~/.ssh/id_rsa_myserver

You can also use ssh-agent to manage passphrases during your session.

Conclusion

SSH keys are a fundamental part of secure server administration. By replacing passwords with key-based authentication, you can enhance your infrastructure’s security and streamline your access workflows.

Summary:

• Generate keys with ssh-keygen
• Install your public key on the server
• Test the connection
• Optionally disable password login

If you’re hosting on platforms like Linkdata.com, SSH key setup is highly recommended before deploying to any server environment.