How To Configure SSH Keys For SSH Authentication
In this tutorial we will be:
- Changing The SSH Servers Port
- Allowing connections only va PubkeyAuthentication.
- Connecting to SSH using your new SSH Key
We will begin by editing your SSH servers configuration file: /etc/ssh/sshd_config
To change the SSH Listening Port. Locate the below line:
# Port 22
Uncomment and change the 22 to some random port number you wish to use to connect to SSH via.
Next lets confirm the following lines are set to yes (these are normally enabled by default and may be commented out):
RSAAuthentication yes PubkeyAuthentication yes
At this point please make sure your SSH keys are working properly. If they are not you will be unable to log back in via SSH.
Now change the below line to disable PasswordAuthentication and only allow access for ssh keys.
change this to:
Now lets restart the SSH service
Your SSH server should now be locked down to only allow access via SSH key authentication.
If you are installing the same key on multiple servers, you may experience a kick back when trying to login: Server Refused Our Key. make sure to run the following command on the new server. restorecon -R -v /root/.ssh This will eliminate the error Server Rejected Key when trying to log in using your SSH Private Key.