Create and Use an SSH Key
Using an SSH key has many benefits. But how do you do it? We’ll gladly explain it to you in this post. We’ll show you how to create a new SSH key on Windows and then use it for a secure connection to your vServer.
First, you need to download PuTTY in order to connect to your SSH server. You also need the puttygen.exe.
Create Private/Public Key
Launch the downloaded puttygen.exe.
To generate an SSH key, click on “Generate”. Then, move the mouse cursor randomly across the empty area. This will generate a random code for your key.
In the “Key comment” field, enter your name or a comment for the key. In the “Key Passphrase” and “Confirm passphrase” fields, enter a secure password for your key. You can leave it blank, but it is not recommended.
All you have to do now is save the Public Key (e.g. public-key.txt) and the Private Key (e.g. private.ppk) on your hard drive.
Now connect to your vServer. Log in as Root.
Create the folder “/root/.ssh”. This folder will store the public keys. In the newly created folder, create a file called authorized_keys.
Install Key on the Server
Now open your Public Key on your computer using an editor (such as Notepad or Windows Editor) and copy its contents. The public key can be seen by others because it will be stored on the server. It is the counterpart to your private key, which you will use to log in to the server later.
Open the file with, for example, nano (nano /root/.ssh/authorized_keys), and insert the public key there.
Important: The key must start with “ssh-rsa” and must not contain new lines. Everything must be in one line. Please remove any unnecessary “new lines”.
Example key:
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEArmkSugnahfqXyCeuxbHjOjTqx7VFt1l4KLY+/zTe4IgIJY+xs8TkWDi+CFaMAJlMQdknbV7v/Suio7/7fS9cvsumu0XpRsRn/hZmBQPhIZlkjJeG9lGUYS1Jr09eyT2fRUEUyb9Qqc8Wdz5eWWBk2y52/xWScgR9nbMzABmv5ucH9z1d2od8rqm93B5haLmVljxRJG3OsYPFB93M4vByj/bptcSroZhJoyKcmIvKsV+6a8HDVw47KSub4wRdACcpHjYdKIDubtEQM8z8y0pdSDxcfi/SVxD2eTewhT6j1uAT1wrTes6EO0V69EwWAa5L+n/oiMnXwSgu9Xd2AXZgRw== Dennis Ziolkowski
Save and finish. Now you just need to establish a connection using the Private Key.
To do this, open PuTTY. Click on the entry under “Configuration > Connection > SSH > Auth” and search for your private key in the field “Private key file for authentication”.
Go back to the “Session” entry and connect to your server as usual. It’s best to save the data under “Saved Sessions” so you don’t have to repeat the step every time.
Now the connection to your server opens. You should now be prompted to enter the passphrase for your private key. Enter the password, confirm with Enter, and voilà : you have successfully logged in to your server using your key.
Disable Password Authentication
To ensure that you can now only log in to your server using the keys from authorized_keys, you need to disable password authentication in the SSH server configuration. To do this, open the configuration file at /etc/ssh/sshd_config.
Find the line “PasswordAuthentication” and set the value to “no”. Save the configuration and restart the SSH server with “service sshd restart”. Your server is now more secure.
Take Further Security Measures
You are not 100% secure yet. For example, you should definitely change the default port of the SSH server. We also recommend installing fail2ban.
If you have any questions, please don’t hesitate to contact us.