The ssh key must be generated using the command:
ssh-keygen -b 4096 -t rsa
This creates a key pair that is stored by default in ~/.ssh. The -b option specifies the key size in bits, and the -t option specifies the type of key. Both options can be omitted. A password for the key is also optional, but recommended for security.
Once the key pair is created, the public key can be sent to other computers:
ssh-copy-id user@ssh
The public key is stored in ~/.ssh/authorized_keys on the remote computer. This file can hold multiple keys.
The remote computer can now be logged into using the ssh key pair.
However, if the key doesn't work, the user's password will be required instead. This negates the security benefits of ssh key pairs.
To deny plain text passwords, the file /etc/ssh/sshd_config on the remote computer must be edited:
PasswordAuthentication no
After restarting the ssh service, login will only be permitted with the correct ssh key.
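A check for the edit above, as an added example that is not part of the original page: sshd uses the first value it finds for a keyword, so a "PasswordAuthentication no" line placed below an existing "yes" line has no effect. The function names are hypothetical, the sample file is constructed, and Include directives are assumed not to be in use.

```shell
#!/bin/sh
# Added example (not from the original page). Function names are hypothetical.
# Prints the global PasswordAuthentication value sshd would take from one file.
# Assumption: Include directives are not followed.
effective_password_auth() {
    awk '
        /^[ \t]*(#|$)/ { next }            # skip comments and blank lines
        {
            sub(/[ \t]*=[ \t]*/, " ")      # "Keyword=value" is also accepted
            key = tolower($1)              # keywords are case-insensitive
            if (key == "match") exit       # global section ends at first Match
            if (key == "passwordauthentication") { print $2; found = 1; exit }
        }
        END { if (!found) print "yes" }    # sshd default when the keyword is unset
    ' "$1"
}

# Succeeds only when password logins are disabled globally.
password_logins_disabled() {
    [ "$(effective_password_auth "$1")" = "no" ]
}

# Constructed sample: "no" was appended below an existing "yes" line.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#PasswordAuthentication no
PasswordAuthentication yes
PasswordAuthentication no
EOF

if password_logins_disabled "$sample"; then
    echo "password logins disabled"
else
    echo "password logins still allowed: $(effective_password_auth "$sample")"
fi
rm -f "$sample"
```

On a live host, running sshd -T as root prints the effective configuration that the server will actually use.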
To change the ssh key pair password:
ssh-keygen -p
You can use a single private key across multiple machines. This makes it possible for the machines to log in to each other. Both the public key and the private key must be sent to the other machines. The public key can be sent with the ssh-copy-id command listed above. To copy the private key, scp can be used:
scp ~/.ssh/id_rsa user@host:~/.ssh