October 12, 2017
From now on, Hostens provides to its customers to install and use SSH Key. SSH Key offers a more secure way of logging into a virtual private server. Basically, its function is quite similar compared to commonly used passwords, but the keys are primarily used for automated processes and for implementing single sign-on by system administrators and power users.
For security reasons, it is recommended to use SSH keys instead of the password for accessing server. The biggest advantage SSH keys provide is that its nearly impossible to be deciphered, while a password could be cracked or intercepted by brute-force password attacks. Furthermore, authentication by SSH keys is more convenient than using password, due to you will be able to connect server or multiply server without any need to remember and enter your password each time.
How To Install It?
Hostens team prepared and gives you an easy step-by-step guide how to set up and use SSH Keys.
For security reasons it is recommended to use SSH keys instead of password for accessing server. The biggest advantage SSH keys provide is that its nearly impossible to be deciphered, while a password could be cracked or intercepted by brute-force password attacks. Furthermore, authentication by SSH keys is more convenient than using password, due to you will be able to connect server or multiply server without any need to remember and enter your password each time.
1. Generating SSH keys pair
SSH keys are always generated in pairs with private and public key. The private key should be safely guarded and known only by you. The public key can be shared with any server, which you would like to access.
Generate SSH keys via command line in Linux OS
To generate SSH keys run command:
ssh-keygen
Then you will be asked in which file key should be saved:
Enter file in which to save the key (/home/username/.ssh/id_rsa):
Secondly you will be asked for passphrase:
Enter passphrase (empty for no passphrase):
It is not required, but highly recommended because passphrase provides more security. Without passphrase your private key would be stored on your computer in an unencrypted form. We recommend enter passhrase and choose something that will be hard to guess in order to ensure security of your private key.
Finally you will see a message, where your private and public keys were saved:
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.
The key fingerprint is:
4d:23:69:6a:7a:39:12:a2:eb:bb:d6:78:66:2a:64:a9 [email protected]
Generating SSH keys via PuTTY Key Generator (PuTTYgen) in Windows OS
PuTTYgen is a free utility, which we will use to generate SSH keys for use in PuTTY to connect server. PuTTYgen and PuTTY client could be downloaded here. Run downloaded PuTTYgen and press button Generate:
After pressing Generate start moving the mouse within the window, because Putty uses mouse movements to collect randomness. When key would be generated enter passphrase to Key passphrase: and Confirm passphrase: fields. Note: it is not required, but highly recommended because passphrase provides more security. Without passphrase your private key would be stored on your computer in an unencrypted form. We recommend enter passhrase and choose something that will be hard to guess in order to ensure security of your private key.
Then press buttons Save public key and Save private key, enter names for files and choose folder where files should be stored:
2. Set up SSH keys
For set up SSH keys to your server you could to install / re-install OS. Details are here https://www.hostens.com/knowledgebase/install-reinstall-os
First of all open saved public key file and perform these changes:
For key generated via command line (Linux OS)
You may see such key:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4H28lnMmxT6c+6KzlNGuUDH7C+bWwyaMpp4gV/iOyX0R/laSeliolW1fxJdVHkLKUL7uewMu+h6RDsjkprFZKP7XEdzxYFRzOKzB541QjIunl33qhd6XLgdc4o0ddJs6RGYaxJJgxYWmBNS+1HKEGWK9uCONRv9CJD/QY/BTaMXfHMMf2FLrYJcIebVPsciz0HngAJ04I/KptGf+ILQQ+kLEeKJJIFRC4Zu0+pbX1niF7oMXXHdvf7xypF8pleDLJzWD92KF7AFlQ+973v/sL2bM5yRPZlX7LcG6GsNdc34Ht2drbmfFEwsN12W7jCEomCIucoXieInxECOI9AUTj [email protected]
Change [email protected] to root@, where is your server IP address. After changes public key should look like as:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4H28lnMmxT6c+6KzlNGuUDH7C+bWwyaMpp4gV/iOyX0R/laSeliolW1fxJdVHkLKUL7uewMu+h6RDsjkprFZKP7XEdzxYFRzOKzB541QjIunl33qhd6XLgdc4o0ddJs6RGYaxJJgxYWmBNS+1HKEGWK9uCONRv9CJD/QY/BTaMXfHMMf2FLrYJcIebVPsciz0HngAJ04I/KptGf+ILQQ+kLEeKJJIFRC4Zu0+pbX1niF7oMXXHdvf7xypF8pleDLJzWD92KF7AFlQ+973v/sL2bM5yRPZlX7LcG6GsNdc34Ht2drbmfFEwsN12W7jCEomCIucoXieInxECOI9AUTj [email protected]
Choose actual OS from drop-down list, mark Use SSH key and paste public key to the field below.
For key generated via PuTTYgen (Windows OS)
You may see such key:
—- BEGIN SSH2 PUBLIC KEY —-
Comment: “rsa-key-20170914”
AAAAB3NzaC1yc2EAAAABJQAAAQEAhdTLlJz6DiY25lj1nmjULToCqbkVideWg3xM
JQa0TEpCxy/IYdmsg6T4thWD0Y42btuKT8x7gKwjlttuRoQPCQomlyCBoVsdM+ax
/U6PxvjWNpVVrk6qXORslLsRU/LvCn2NkfLZiYZGIE3SrcPvQIiYQJ/yZBCJg/7L
OnTkGbzJq9SR+iyAVmL3xduMKx8KOB8Ohk3o6N/1onFizBCnrUAXpN3vh2dCZCPF
nOb+lcjqn8LplFUv205kSJH8kHbRsc8N1QBl0U9UX+Ij72KKq0HyG21lZdF1UF4H
NTyuzaS1luknL6QuhQQ9IcYmedw7BxcIIBkDsorE4cFquU+gjQ==
—- END SSH2 PUBLIC KEY —-
Copy key between comment Comment: “rsa-key-20170914” and end of key —- END SSH2 PUBLIC KEY —-. Also delete all new lines, which could be by opening file via Notepad. Choose actual OS from drop-down list and mark Use SSH key. To the filed below enter “ssh-rsa “, then paste copied public key and enter “ root@“, where is your server’s IP address. Pasted public key should look like as:
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAlnlhLnzD3+8yEYQoO724H86b/zjHEJWNy/W8AEYsQTCnkhY2lC+O6lVjBI3Fssr4cTNTZ6H+Yh0nbqUdBoYJjkXjAMHVNDo0FYJH5Urgq6OeV3EaxZeuQxcSTzSU4zXBB2SlQ5ZYNGsEGW71nnXPWB4ji8dbJTyodiMlcR/1GuW2d8cPNXUj/gk381NypSvdLF9T4XNAOfQWtFR13wg/YtgnIM1m3jjbtoLo1GKgau68NEp5oQVOMHWQC7/cHqJaWWsbEt/lQjr9wUoMIjjwzThJlWwF86rNVRkz+ORBDyoDioFTXcOSe93hy2Hm4ow8F2kDqlS+05v/qShOTiKWWw== [email protected]
3. Connect server with SSH keys
Connection via PuTTY (for Windows OS)
Most convenient is to create and save profile for connection in PuTTY. First of all open PuTTY and in the Host Name (or IP address) field enter your server hostname or IP address. Enter port for SSH into field Port (default is 22) and mark SSH as Connection type:
On the left-hand side of the window select Data under Connection. To the field Auto-login username enter root:
Expand SSH under Connection and select Auth. Click button Browse on the right-hand side of window and choose your private key.
Select the Session category and enter profile name to the Saved Sessions field. Click button Save in the Load, Save or Delete a stored session area.
Now you are to log in with saved profile – just choose it in the list under Saved Sessions and click button Open. You will not be asked for a password, but, if you had set a passphrase, you would be asked for it at every time you log in.
Connection via command line (for Linux OS)
Firstly you need to create a ~/.ssh/config file on your computer and add key and server details to it:
Host shortcut
HostName serverIPAddress
User root
IdentityFile /home/username/.ssh/id_rsa
Where:
* Host is name of shortcut you will use for connect your server
* HostName is IP address of server you would connect
* User is root
* IdentityFile is full route to your private key
After ~/.ssh/config file would be created, you will be able to connect the server by shortcut name via command:
ssh shortcut
You will not be asked for a password, but, if you had set a passphrase, you would be asked for it at every time you log in.
This instruction originally appeared on our knowledgebase here https://www.hostens.com/knowledgebase/how-to-set-up-and-use-ssh-keys/
