ssh_keys []

Creating keys

        
              ssh-keygen

Similar output will be:

        
              $ ssh-keygen 
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa): test
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in test.
Your public key has been saved in test.pub.
The key fingerprint is:
01:01:43:22:c2:ec:24:85:f3:88:44:88:d6:df:7d:ea Luke@lukeshost

Copying public keys to device

Now we need to copy the public key onto the server

        
              ssh-copy-id -i ~/.ssh/servername_id_rsa.pub Luke@x.x.x.x

If the server has a custom port:

        
              ssh-copy-id -i ~/.ssh/servername_id_rsa.pub '-p 1234 Luke@x.x.x.x'

Logging in using private key

You can then log into the device using the private key:

        
              ssh -i ~/.ssh/servername_id_rsa Luke@x.x.x.x

If the private key matches the public key located on the server then it will allow you to log in!#

Creating ssh alias

Now we can make our lives a little easier so we do not have to specify the key each time:

        
              vim ~/.ssh/config

        
              Host ServerName
  Hostname x.x.x.x
  User Luke
  Port 22 #or you can specify custom port
  IdentityFile ~/.ssh/servername_id_rsa #this is the location to the pivate key that you created above

You will now be able to ssh into a device with the shortcut:

        
              ssh ServerName

Locking Down to Keys-Only

Next we could potentially lock down the server so ONLY keys work.
Add the following to /etc/ssh/sshd_config

        
              PasswordAuthentication no

Then make sure you reload the configuration file.

WARNING: Keep one session open and attempt to log in from a different session, this allows you to get back in if you made an incorrect update