One of the most secure things you can do to your server is to disable password logins. You should always disable root login. The first thing you need to do is locally retrieve or create your public ssh key. To see if you have one already created check in this location. On a Mac it’s
If that files is created then you’re set, if not then do the following.
~/.ssh/id_dsa.pub
The passphrase part is optional, if you’re not the only person that uses that particular machine I would strongly suggest you provide a passphrase.
Now that you have or created a ssh key we need to add that key to our server. We can do this with one command. Keep in mind that if you are adding a key then that is another command. You don’t want to replace other people’s key on the server.
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/user/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/user/.ssh/id_rsa.
Your public key has been saved in /Users/user/.ssh/id_rsa.pub.
The key fingerprint is:
01:0f:f4:3b:ca:85:d6:17:a1:7d:f0:68:9d:f0:a2:db user@localhost
The key's randomart image is:
--[ RSA 2048]----
| . |
| = o O . |
| = * * |
| o = |
| o S . |
| o o = |
| o . E |
| |
| |
-----------------
If you need to append your public key to that file then you will have to do something like this:
$ scp .ssh/id_rsa.pub user@domain.com:.ssh/authorized_keys
Now you can login to your server without a password! (Unless you chose a passphrase) Please leave a comment if I missed something, or if something doesn’t work.$ cat ~/.ssh/id_rsa.pub | ssh user@domain.com "cat >> .ssh/authorized_keys"
