Generating an SSH Key and Copying it to Remote Server

mkdir ~/.ssh && chmod 700 ~/.ssh
touch ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys
# copy key.pub to authorized_keys
# nano /etc/ssh/sshd_config
service ssh reload

Generate the Key (on local server)

cd ~/.ssh && ssh-keygen -t ed25519

Ed25519 is a newer algorithm which is faster than RSA. Ed25519 is supported by OpenSSH so you should be good in almost all cases. Github recommends passing it your email with -C which is then uses as a label.

cd ~/.ssh && ssh-keygen -t ed25519 -C "hello@example.com"

Making Sure the Remote Server Accepts SSH Keys

view the server’s sshd_config file

cat /etc/ssh/sshd_config

Check the following:

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile	~/.ssh/authorized_keys

Making sure the .ssh folder and authorized_keys file exists on Remote server

sudo mkdir ~/.ssh && sudo touch ~/.sh/authorized_keys

Setting Permission on Remote Server

sudo chmod go-w ~/ && sudo chmod 700 ~/.ssh && sudo chmod 600 ~/.ssh/authorized_keys

Copying SSH Public Key from Local to Remote Server

cat ~/.ssh/id_ed25519.pub | ssh username@example.com "cat >> ~/.ssh/authorized_keys"

replace id_ed25519.pub with your generated key.

Troubleshooting

  • make sure the authorized_keys file isn’t empty.
  • make sure you copied the correct authorized_keys file (.pub file that is)
  • make sure the user you are connecting to owns the .ssh folder and the authorized_keys file
  • make sure the permissions for the .ssh (700) folder and the authorized_keys (600) file are correct on the remote server
  • make sure the path given in ‘sshd_config’ is correct. /home/.ssh/authorized_keys and ~/.ssh/authorized_keys are different if the user you are connecting to isn’t root. ~/.ssh/authorized_keys is preferred since it is relative to the user.