Set up SSH keys
Last updated
Last updated
Usually, when you rent a server, you are given a username and password to connect to it. However, this poses a security risk as hackers can attempt to guess your password using brute force attacks. To mitigate this risk, you can disable password access to your server and use SSH keys instead.
My personal way is to set up just one pair of keys: the private key resides on the local PC and the public key on any server I want to access. If I use more than one local device to access my servers, I set up another key pair for each new device.
Here is a on how to set up SSH keys on your server.
Alternatively, you can use Termius, which offers a simpler method as outlined below:
Install and follow to generate an SSH key. Remember to securely store your key, either in an encrypted folder on your computer or on an encrypted USB drive.
Through Termius, you can easily export the SSH key to your host and create an identity as explained in the guide.
Test that you can successfully connect to the server using this SSH key.
If you have multiple nodes or servers, you can use the same SSH key for all of them.
Once logged into your server, run sudo nano /etc/ssh/sshd_config
.
Scroll down using the down arrow until you locate the line # PasswordAuthentication yes
. Uncomment the line (remove #) and set it to no
, like so: PasswordAuthentication no
.
To save the changes, press CTRL+X, then Y, then ENTER.
Restart your SSH service by running sudo systemctl restart ssh
.
Now, you should only be able to access the server via SSH key, and password-based access will no longer work.