Skip to main content
+380 (44) 201-01-02
Technical support
ENG

Connecting to a server using ssh-key

Key associations are pairs that are encrypted and can be used to authenticate a client to a server SSH. A key pair consists of a public key and a private key.

  • The public key can be freely transferred without fear of negative consequences, it must be copied to the server to which we will connect in the future.

  • The private key is stored by the client and must be absolutely secure. A breach of the private key can allow attackers to access servers that use the corresponding public key without the need for additional authentication. As an additional precaution, the key can be encrypted on disk using a passphrase. This key remains on our local computer or laptop.

To set up SSH authentication using keys, you need to generate a key pair and add the public key to the .ssh directory in the site's home folder on your server.

Before you begin, make sure that you have a key on your local computer or laptop. The data is stored in the user's home directory, in the .ssh folder, so file verification is performed in the same folder. There should be id_rsa or id_rsa.pub files - these are private keys

Below is an example based on Linux OS

Step 1. If there is no key or there is no directory, you can run the command in the console of your computer/laptop:

ssh-keygen-t rsa-b 2048

After that, you will be asked several questions, for example:

Enter file in which to save the key (/home/user/.ssh/id_rsa):

Basically, it is recommended to just leave everything as is (just press Enter), so the key generator will create a key pair in the default location

When asked for a passphrase "Enter passphrase (empty for no passphrase):" enter the passphrase or leave the field empty and press Enter. It is not mandatory, but if you create one, you will have to enter it every time you connect.

Step 2. You can use the command to open the file directly in the terminal, for example:

nano ~/.ssh/id_rsa.pub

This command will open the id_rsa.pub file, where the public key is usually stored, in the nano text editor directly in the terminal.

Copy the entire key, from the first character to the last, including user data and the PC name.

The key looks something like this:

pub_key

Step 3. Now connect to the server and enter the following command:

mkdir -p.ssh

This command will create a directory, and if it is already there, then nothing will happen

After that, paste the public key that you saw on your local computer into the authorized_keys file. If there are previous keys there, do not delete them, but enter the new key from a new line.

..sh/authorized_keys

Save the file with the key combination CTRL+o and exit the nano editor with the key combination CTRL+x

Step 4. Check the connection.

Please note that for SSH/FTP connection, you should first add your IP address to the list of allowed ones, or allow access to the server of any host (step #10 of this instruction)

After that, check the connection from your local computer/laptop using the command

ssh Username@IP_address

where Username is your ssh user login IP_address is the IP address of your server, or hostname (for example, vs0000.mirohost.net, as a result the command will look like ssh testuser@vs0000.mirohost.net

Step 5. For the folder with keys (.ssh) and the authorized_keys file, you need to set the following accesses by entering the command on the server:

chmod 700 .ssh && chmod 600 .ssh/authorized_keys && chmod 755

Example of generating an ssh key using PuTTY on Windows

Downloading PuTTY and PuTTYgen

– Download PuTTY from the official website. You will need two programs: PuTTY and PuTTYgen

  • Install PuTTY if it is not already installed

Launching PuTTYgen

  • Open PuTTYgen. To do this, you can find it in the Start menu or run puttygen.exe, which is located in the directory where PuTTY was installed.

Generating a new SSH key In PuTTYgen, select the type of key you want to create:

  • For added security, select RSA or Ed25519.
  • If you select RSA, you can select the key length (2048 or 4096 bits for RSA are recommended).
  • Click the Generate button.
  • Next, you will need to generate random data by moving the mouse randomly in the PuTTYgen window so that the key is generated.

Saving the key

  • After generating the key, you will see the public key in PuTTYgen. For convenience, you can specify a comment for the key in the Key comment field if you wish.
  • Enter the password in the Key passphrase and Confirm passphrase fields (recommended for additional security).
  • Click the Save private key button and select a location to save the private key (.ppk file).

To save the public key, you can copy the text from the Public key for pasting field in the OpenSSH authorized_keys file and save it to a separate file (for example, id_rsa.pub).

Using the key in PuTTY

  • Open PuTTY.
  • Enter the hostname or IP address of the server in the "Host Name (or IP address)" field.
  • In the left Category menu, go to "Connection" -> "SSH" -> "Auth".
  • Click the "Browse..." button and select the previously saved private key (.ppk file).
  • Go to "Session" and click "Save" to save the session with this configuration, or click "Open" to connect to the server.

You may also need how to connect via SSH