Introduction:
SSH (Secure Shell) keys provide a secure and convenient way to authenticate and log in to remote servers without the need for passwords. By using SSH keys, you can enhance the security of your Rocky Linux 9 server and simplify the authentication process. In this article, we will guide you through the process of setting up SSH keys on Rocky Linux 9.
Step 1: Generate SSH Key Pair:
The first step is to generate an SSH key pair on your local machine. Open a terminal on your local machine and run the following command:
ssh-keygen -t rsa -b 4096
You will be prompted to provide a location to save the key pair. The default location is usually ~/.ssh/id_rsa. Press Enter to accept the default location. You will also be prompted to set a passphrase for your key pair. While optional, setting a passphrase adds an extra layer of security.
Step 2: Copy the Public Key to the Rocky Linux Server:
Once you have generated the SSH key pair, you need to copy the public key to your Rocky Linux 9 server. Run the following command to copy the public key to the server:
ssh-copy-id username@server_ip
Replace username with your username on the Rocky Linux server, and server_ip with the IP address or hostname of your server. You will be prompted to enter the password for the user on the server.
Step 3: Configure SSH Server (if necessary):
By default, Rocky Linux 9 should be configured to accept SSH key-based authentication. However, if you encounter any issues, you may need to adjust the SSH server configuration. Open the SSH server configuration file on the server:
sudo nano /etc/ssh/sshd_config
Ensure that the following settings are enabled:
PubkeyAuthentication yes PasswordAuthentication no
Save and close the file, then restart the SSH service:
sudo systemctl restart sshd
Step 4: Test SSH Key Authentication:
To verify that SSH key authentication is working correctly, open a new terminal on your local machine and run the following command:
ssh username@server_ip
Replace username with your username on the server, and server_ip with the IP address or hostname of your Rocky Linux server. If you have set a passphrase for your SSH key, you will be prompted to enter it. If everything is set up correctly, you should be logged in to the server without needing to enter a password.
Step 5: Disable Password Authentication (Optional):
For enhanced security, you may choose to disable password authentication and rely solely on SSH keys for authentication. To do this, open the SSH server configuration file on the server:
sudo nano /etc/ssh/sshd_config
Set the following value:
PasswordAuthentication no
Save and close the file, then restart the SSH service:
sudo systemctl restart sshd
Conclusion:
Congratulations! You have successfully set up SSH keys on your Rocky Linux 9 server. By using SSH keys, you have improved the security of your server and eliminated the need for password-based authentication. SSH keys provide a secure and efficient way to log in to remote servers, and they can be used for various automation and remote access purposes. Remember to keep your private SSH key secure and consider passphrase-protecting it for an added layer of security. With SSH keys set up, you can now enjoy secure and convenient remote access to your Rocky Linux server.
Nilesh R. Agrawal 