SSH (Secure Shell) key authentication is a more secure alternative to traditional login methods using a username and password. This article will guide you through the process of setting up SSH key authentication on a server running CentOS 7, allowing you to connect to the server without the need to enter a password.
Prerequisites
Before you begin, ensure you have access to a CentOS 7 server as a user with sudo privileges and a client machine where you want to generate SSH keys.
Generating an SSH Key Pair
The first step is to generate an SSH key pair on your client machine. Open a terminal and run the following command:
ssh-keygen -t rsa -b 4096
During the key generation process, you will be prompted to enter a location to save the keys. You can accept the default location by pressing Enter. Additionally, you will be asked to enter a passphrase for added key protection; this is optional, and you can leave this field blank.
Copying the Public Key to the Server
Next, you need to copy the public key to your CentOS 7 server. You can do this by using the following command, where user@server is your username and server address:
ssh-copy-id user@server
This command copies the public key to the ~/.ssh/authorized_keys file on the server, enabling key-based authentication.
Configuring the SSH Daemon
To make key authentication effective, you need to modify the SSH daemon configuration on the server. Log in to the server and open the /etc/ssh/sshd_config file in an editor:
sudo nano /etc/ssh/sshd_config
Check or modify the following lines to match these values:
PubkeyAuthentication yes
PasswordAuthentication no
By setting these configurations, you allow public key authentication and disable password login. After saving the changes, restart the SSH daemon to apply the new configuration:
sudo systemctl restart sshd
Testing Key Authentication
You can now test whether key authentication is set up correctly. From your client machine, attempt to connect to the server using the ssh command:
ssh user@server
If key authentication was successful, you should be connected to the server without needing to enter a password.
SSH key authentication provides a more secure and convenient way to connect to servers without relying on passwords. By configuring this method on your CentOS 7 server, you can significantly enhance the security of your system.
