How to use a Private key for SSH authentication

Use a Private key for SSH authentication

What’s a private key?

Even the most complex passwords cannot match the cryptographic strength of private keys. With SSH, private keys significantly improve security by relieving users of the burden of remembering complex passwords (or worse yet, writing them down).

Let’s first Open a terminal and generate a private key.

Step 1 : Check to see if you already have an SSH key.

$ ls ~/.ssh

Output:

Step 2 : Create SSH key.

$ ssh-keygen

Output:

– The command will prompt you for a file name. By default, the ssh key pairs are stored as id_rsa and id_rsa.pub for private key and public key, respectively.

$ Enter file in which to save the key (/home/ubuntu/.ssh/id_rsa):

To use the default filename, press ENTER and proceed.

In the next part, enter a passphrase to secure your key pairs. You can skip this by pressing ENTER.

$  Enter passphrase (empty for no passphrase):

$  Enter same passphrase again:

Step 3 : Copy public key to the remote host.

$ ls ~/.ssh

Output:

To use the SSH key pair you created, we must first copy the public key to the remote server. Fortunately, OpenSSH includes the ssh-copy-id function to do this.

$ ssh-copy-id remote_server_user@remote_server_ip

Step 4 : SSH using The Private Key.

$ ssh remote_server_user@remote_server_ip

You have now successfully utilized SSH key-based authentication. By eliminating password login, you may provide an extra degree of protection.

Conclusion

This tutorial has shown you how to create SSH key pairs and copy the keys to remote hosts. The steps mentioned above allow you to authenticate SSH sessions without using a password. Furthermore, you may control numerous servers at the same time with a single key pair.

8 thoughts on - How to use a Private key for SSH authentication

  • This is not SSH using private key, this is ssh using Public Key, you copied public key to target server.

    Private key based autentication is you copy the private key of target server into Source server and pass it with ssh command with “-i” attribule

    • Hi,
      Thank you for your response,
      As stated in the article, we are connecting using a private key we didn’t use -i attribute because we are using the key located in ~/.ssh/id_rsa
      when id_rsa file exists, the ssh command applies -i ~/.ssh/id_rsa automatically.
      I hope you found this helpful, don’t hesitate to ask .
      Best regards.

  • This is not using the private key and this is ssh using the public key as needs to be registered to a remote server, the writer surely didn’t know the difference. Using the private key to login to the ssh server means that you can use a single private key from any machine, anywhere, and still be able to login to the remote server without any registering overhead.

    • Hi,
      The public key needs to be registered on the remote server, ensuring that only the corresponding private key can gain access. While using the private key for SSH login provides convenience, it’s essential to note that this private key should be kept secure, and its compromise can result in unauthorized access.

  • Can you show me how copy the private key of target server into Source server and pass it with ssh command with “-i” attribute from Windows cmd command line or winSCP?

      1. – Navigate to your home directory on the remote host.
        – Create a new file named authorized_keys if it doesn’t already exist:
        touch ~/.ssh/authorized_keys
        – Use a text editor to open the authorized_keys file and paste your public key into it.
        – Save the file. use -i and specify private key path

LEAVE A COMMENT