SSH Keys Generation and Set Up

Logging in to a server using a user name and password is not that secure, and where possible you are better off using SSH (Secure Shell).

On this page, you will find all you need to create SSH keys, log in to your server using SSH, and see how you can use it for remote-to-remote server transfers and access to your Git repositories.

[Image: SSH local and remote illustration]

Basic Concept

SSH works with the idea of keys. These keys are long random strings that work together to unlock access to a connection between two locations on the internet. If the keypair you try to use doesn't authenticate, SSH will deny you access to the connection.

As mentioned, SSH works with a keypair. This keypair is made of a private key and a public key. When you create a keypair on your system, you will see that both keys share the same name. The default keypair is id_rsa, and if you are in the .ssh directory and have created a keypair, you will see the private and public keys as shown below.

[Image: default id_rsa and id_rsa.pub files in local Mac environment]

As you can see, you can name your keys what you like. So if you want different keys for different servers, it is possible to create multiple keypairs. Let's set up a keypair.

Create a Key

To set up a keypair, run the following command in your terminal in the .ssh directory.

ssh-keygen -t rsa

[Image: creating a new RSA keypair, with the randomart image in the output]

Now that we have created a keypair and we know the difference between public and private keys I guess it is a good time to mention that you should never share the private key. That's right, a private key is just that, it is private and should never be shared.

Okay, next we will set them up to use.

Installing the public key on a remote server

The idea is the same whether you create a keypair on your local system or on a remote system. Have a look at the following diagram.

[Image: SSH keypair set up for secure connections]

As you can see, in both examples the keys are kept in the .ssh directory along with an authorized_keys file and a known_hosts file. So what are these files?

For a basic setup, the only files we need to touch are the public key and the authorized_keys file.
If you open up the public key, you will see a long string similar to the following example.

ssh-rsa AA..LongRandomString....2/Qs5MC0= user@computer_local

cat (concatenate) can be used to show the content of any file, among many other things.
cat file_name.ext

Copy this key however you find easiest: highlight it and press Ctrl+C, or use a CLI command such as pbcopy.

pbcopy can be used to copy the contents of a file to the clipboard.
cat designkojo-digitaloceean.pub | pbcopy

Once you have the public key on your clipboard, go to the server you want to make a connection to and log in to it using a user name and password.
Then open the .ssh/authorized_keys file and paste the public key on a new line. I use nano for this simple task, but use what you like.

Make sure you return to a new line and then save. In nano this can be done using Ctrl X, then Y (yes) at the prompt, and then Enter. Or use Ctrl O to Write Out without closing the file.

Make sure the permissions of the authorized_keys file are set to 600.

-rw-rw-r-- 1 designkojo designkojo  1378 Mar 25 01:17 authorized_keys
chmod 600 authorized_keys
-rw------- 1 designkojo designkojo  1378 Mar 25 01:17 authorized_keys

So that's done; now you can connect to the server from your local machine. Log out and try the next steps.

Using SSH to log in

From the command line, use the following command to log in using SSH.

ssh -i ~/.ssh/simon_rsa designkojo@45.45.4545.45

When SSH'ing in, you may be asked whether to continue because the authenticity of the host can't be established. If so, say yes; the host's key is then saved to the known_hosts file mentioned earlier.

So now you have just logged in to your remote server using SSH and can safely work on the server. Good job!

You can also use SSH with your code editor or IDE, and I suggest you do, so let's have a quick look at how that would be done with PHPStorm. The process should be the same with your editor of choice; look for server deployment configuration using SFTP, not to be confused with FTPS.

SSH with an IDE or code editor

You can also use the same keypair when setting up your IDE or code editor to connect to your server for deployment. I use PHPStorm and you can use SFTP and then set your SSH configuration to use a keypair.

[Image: PHPStorm IDE deployment dialog with SSH SFTP keypair]

So that's it; you will now be using SSH to deploy to your server.

With this knowledge, hopefully, you can now connect 2 servers. If you want to find out about how to use SSH with SCP, check out SCP Secured Copy.

Thanks for reading and be sure to check out more on tooling.
