Linux Server Install: Part 4
If you done messed up and forgot to install SSH Server — I got you, bruh.
Previous
Install SSH
Now I know some distributions will ask you this during the installation but I’m going to cover it just in case you chose no.
To install and configure an SSH server on Ubuntu 20.04 and enable key-based authentication, follow these steps:
Install the OpenSSH server package:
sudo apt update && sudo apt install -y openssh-server
Now before we ssh in you have a couple of options:
- You can use password-based authentication.
- You can set up SSH keys and use key based authentication.
This is really going to be up to you, but I’ll show you how to set up key base authentication.
Generate an SSH Key Pair
Generate an SSH key pair on your client machine:
ssh-keygen
This will create a public and private key pair in the ~/.ssh
directory on your client machine. The public key will be called id_rsa.pub
and the private key will be called id_rsa
.
Copy the public key to the server:
ssh-copy-id user@server
Replace user
with your username on the server and server
with the hostname or IP address of the server.
Note
Be sure to copy over the public key before making changes to the
sshd_config
file
Disable Password-Based Authentication
On the server, edit the /etc/ssh/sshd_config
file to enable key-based authentication and disable password-based authentication:
sudo nano /etc/ssh/sshd_config
Find the line that says PasswordAuthentication yes
and change it to PasswordAuthentication no
. This will disable password-based authentication and allow only key-based authentication.
Another line that you should add is ChallengeResponseAuthentication no
Save and restart the SSH Server to apply the changes:
sudo systemctl restart ssh
Now, you should be able to log in to the server using your private key from your client machine:
ssh user@server
You will not be prompted for a password, and you will be logged in to the server using key-based authentication.
That’s it! You have successfully installed and configured an SSH server on an Ubuntu Server and enabled key-based authentication.