When you need to securely connect from your computer to server without any passwords then one of the best solution which exists for longer time is SSH
. This works with SSH
public and private key exchange between your computer and server.
With great power comes great responsibility. What I meant over here is, if you loose public and private keys then you will be permanently locked out from accessing your server.
Open terminal and run the following command, if already SSH keys exists then it will list the key pairs (id_rsa, id_rsa.pub)
ls -la ~/.ssh
To generate new public and private key pair run the following command. Make sure you don't share id_rsa
key with anyone and remember to keep it safe.
ssh-keygen -t rsa -b 4096 -C "your_email@gmail.com"
-t
- Type of the key you want to generate RSA, DSA. But RSA is very secure so better stick with it.
-b
- Number of bits then key needs to be generated. The higher the bits the more its secure. Keep 4096
bits its very secure one.
-C
- comments
When you add the above command you will get the following confirmation
ssh-keygen -t rsa -b 4096 -C "your_email@gmail.com"
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/channaveer/.ssh/id_rsa):
Make sure to cross verify the path and be-careful with the following points:
id_rsa
file then it will overwrite that if you proceed and you wont be able to get back the older keys.Since I already have id_rsa
key I will rename it to id_rsa_testing
. Like the following:
ssh-keygen -t rsa -b 4096 -C "your_email@gmail.com"
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/channaveer/.ssh/id_rsa):id_rsa_testing
Now it will ask you to enter passphrase and confirm the passphrase. If you want you can leave it empty. Its like one level security added before proceeding.
ssh-keygen -t rsa -b 4096 -C "your_email@gmail.com"
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/channaveer/.ssh/id_rsa):id_rsa_testing
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
After confirm the passphrase then it will generate random art image. So the following is the complete process in one glance
ssh-keygen -t rsa -b 4096 -C "your_email@gmail.com"
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/channaveer/.ssh/id_rsa):id_rsa_testing
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in id_rsa_testing.
Your public key has been saved in id_rsa_testing.pub.
The key fingerprint is:
SHA256:sqWiJ1O0KQuj4LfzTlXHjFNjgsxVXx4pe7oeg0Vd1dw your_email@example.com
The key's randomart image is:
+---[RSA 4096]----+
| o oo.= +B|
| + B o.+.E|
| + + ooo |
| . . o .. . |
| . o..S .o |
|+ . + .= o. |
|+o +..o . o. |
|..++o. .o |
| o==o .. |
+----[SHA256]-----+
This creates id_rsa_testing
& id_rsa_testing.pub
key in ~/.ssh
path.
To add SSH key to ssh-agent use the following command
eval "$(ssh-agent -s)"
You get the following output as:
Agent pid 27796
Now its time to add SSH
private key to ssh-agent with the following. If you had generated for the 1st time then replace id_rsa_testing
with id_rsa
. If you have given any other name in the place of id_rsa_testing
then replace in the following:
ssh-add ~/.ssh/id_rsa_testing
Now sit back and relax. You have successfully added one level of security. Instead of password
logins you can successfully login with SSH
keys.
Your doing good job pals. When your Admin or your Colleagues ask you to share SSH
key then share id_rsa_testing.pub
or id_rsa.pub
. Never ever share id_rsa
or id_rsa_testing
keys
Now you can add this SSH
key to authorize_keys
in your cloud server to give access to you or your colleagues.
In this tutorial you learnt who to securely login from your computer to your server. You have done a great job.
WHATS NEXT?
If your working on your laptop and want to manage multiple SSH keys for example your Personal GIT keys, your Company GIT keys, Your side business company GIT keys then refer my article Managing Multiple GIT Key Pairs Or Account In The Same Computer
Ensure text remains visible during Webfont load
Automate Repeating Tasks In Linux Server With Cronjobs
Multiple File Uploads In Laravel PHP
PHP Built-In Web Server & Testing Your Development Project In Mobile Without Any Software
Securely Connect Server MYSQL DB From Sequel Pro / MYSQL Workbench
Factories To Speed Up Test-Driven Development In Laravel
Custom Validation Rules In PHP Laravel (Using Artisan Command)
Use Different PHP Versions In Ubuntu / Linux
GitHub Login With PHP Laravel Socialite
Add Google ADS In AMP (Accelerated Mobile Pages) Website
Testing Laravel Emails With MailHog
Global Data In All Laravel Blade Pages
Install Apache Web Server On Ubuntu 20.04 / Linux & Manage It