$YOURSECUREPORT - is random port number of your choice - avoid using default ssh port
On local
$ssh-keygen
$scp -p $YOURSECUREPORT ~/.ssh/id_rsa.pub yourserveruser@server:/usr/home/yourserveruser/.ssh/authorized_keys
Depending on your situation save to id_rsa or somewhere else, default ssh will try to use id_rsa, .pub is default for the public key.
On ssh server/host:
$sudo $EDITOR /etc/ssh/sshd_config
Change the following values from the default config:
Set correct port:
Port $YOURSECUREPORT
Un-comment and change to yes:
PubkeyAuthentication yes
UsePAM yes
Un-comment and change to no:
PasswordAuthentication no
ChallengeResponseAuthentication no
Add
AllowUsers yourserveruser
of course replace your server user with correct username Close and save /etc/ssh/sshd_config
$sudo service sshd restart
Now you will be able to login to remote host with out typing in password and with it being much more secure to your average attacker, connect with:
$ssh -p $YOURSECUREPORT yourserveruser@server
if you used a nonstandard location for your key
$ssh -i /path/to/nonstandard -p $YOURSECUREPORT yourserveruser@server
Comments
No comments yet. Be the first to react!