If you are already using EC2 instances on AWS, then you know how to access an EC2 machine. Whenever you create a new instance on AWS, you need to create a new private key (or use an existing private key) to log in to your server through SSH.
This private key has a .pem extension, and with it you can log in to your remote server without a password. Anyone who wants to access your server must have this private key. You can also implement the same secure connection on your own Linux servers or VMs.
Before generating keys, you need to change some settings in the /etc/ssh/sshd_config file. Open the file and make sure these two lines are configured as shown below.
[linoide@linoide ~]$ sudo vim /etc/ssh/sshd_config
PasswordAuthentication no
PubkeyAuthentication yes
Warning: If you don’t have physical access to your remote server, don’t log out before completing this full process. You have disabled password login by setting PasswordAuthentication to no, so you won’t be able to access your server over SSH if you log out before completing the SSH key process.
Now run “su” on the remote server to switch to the user for which you want to generate a private key.
Follow below steps:
Step 1: Generate SSH key on a server using the below command.
# ssh-keygen -t rsa
It will prompt for the key location and a passphrase. You can change them if you want, or keep the defaults.
Step 2: Now copy the generated public key to the authorized_keys list.
# cat /home/linoide/.ssh/id_rsa.pub >> /home/linoide/.ssh/authorized_keys
Step 3: Set permissions for the files
# chmod 644 /home/linoide/.ssh/authorized_keys
Step 4: Now you have to download the private key to your local machine. Before that, rename the file to the “filename.pem” format.
# scp -r /home/linoide/.ssh/linoide.pem root@<yourserver-ip>:/root/
Step 5: Now log in to the remote server with the private key, without a password.
You can see in the above image that the linoide host logged in from localhost without being asked for a password.
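The warning above about logging out too early can be turned into a check. The script below is an added example, not part of the original article: it reads an sshd_config file and an authorized_keys file and reports whether key login is usable while password login is off. The function names, the sample files and the placeholder key are constructed for illustration, and Include files and Match blocks are assumed not to be in use.

```shell
#!/bin/sh
# Added example (not from the original article): run before closing the
# current session. Paths are arguments so the checks also work on copies.

# Print the effective global value of an sshd_config keyword.
# sshd keeps the first value it reads; keywords are case-insensitive.
# Assumption: Include files and Match blocks are not evaluated here.
sshd_setting() {   # usage: sshd_setting <config> <keyword> <default>
    awk -v key="$2" -v dflt="$3" '
        { sub(/#.*/, "") }
        tolower($1) == "match"      { exit }
        tolower($1) == tolower(key) { val = tolower($2); exit }
        END { print (val == "" ? dflt : val) }' "$1"
}

# Succeed if the path is not writable by group or others; with the default
# StrictModes, sshd ignores authorized_keys when it or its directory is.
not_loosely_writable() {
    [ -z "$(find "$1" -prune \( -perm -020 -o -perm -002 \))" ]
}

# Succeed only when key login is usable and password login is off.
key_login_ready() {   # usage: key_login_ready <sshd_config> <authorized_keys>
    rc=0
    [ "$(sshd_setting "$1" PubkeyAuthentication yes)" = yes ] ||
        { echo "PubkeyAuthentication is not yes"; rc=1; }
    [ "$(sshd_setting "$1" PasswordAuthentication yes)" = no ] ||
        { echo "PasswordAuthentication is still enabled"; rc=1; }
    [ -s "$2" ] || { echo "authorized_keys is missing or empty"; rc=1; }
    for p in "$2" "$(dirname "$2")"; do
        [ -e "$p" ] || continue
        not_loosely_writable "$p" || { echo "$p is group/world writable"; rc=1; }
    done
    return $rc
}

# Constructed sample files (placeholder key), checked in a temp directory.
demo=$(mktemp -d) && mkdir -m 700 "$demo/.ssh"
printf '%s\n' '# constructed sample' 'PasswordAuthentication no' \
    'PubkeyAuthentication yes' > "$demo/sshd_config"
echo 'ssh-rsa AAAA...constructed-placeholder linoide@linoide' \
    > "$demo/.ssh/authorized_keys"
chmod 644 "$demo/.ssh/authorized_keys"
key_login_ready "$demo/sshd_config" "$demo/.ssh/authorized_keys" &&
    echo "ready: key login enabled, password login disabled"
rm -rf "$demo"
```

On a real server the same function can be pointed at /etc/ssh/sshd_config and /home/linoide/.ssh/authorized_keys; keep the current session open until it reports ready and a second login with the key succeeds.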
Suggestion: If you want a more secure connection, you can also change the default SSH port (22) to any custom port.
That’s it!!