SSH, Using Key-Based Authentication and Disabling Password Access Print

  • 1

Introduction:
In this article, we will walk you through the process of accessing your VPS via SSH using the command line on your local system. We will cover connecting to the VPS using the root account, setting up key-based authentication instead of a root password, and disabling password access if required for enhanced security.

Prerequisites:
1. A VPS with SSH access
2. A local system with an SSH client installed (e.g., OpenSSH on Linux and macOS, PuTTY on Windows)

Step 1: Access the VPS with Root Account
To access your VPS via SSH, open a terminal on your local system and run the following command, replacing `your_vps_ip` with your VPS's IP address:

ssh root@your_vps_ip

You will be prompted for the root password. Enter the password to log in to the VPS.

Step 2: Generate an SSH Key Pair on Your Local System
To set up key-based authentication, you need to generate an SSH key pair on your local system. Run the following command:

ssh-keygen -t rsa -b 4096

Follow the prompts to choose a file location for the keys and set a passphrase for the private key, if desired. This command will generate a public key (by default, `~/.ssh/id_rsa.pub`) and a private key (by default, `~/.ssh/id_rsa`).

Step 3: Copy the Public Key to the VPS
Copy the public key to the VPS's `authorized_keys` file using the following command, replacing `your_vps_ip` with your VPS's IP address:

ssh-copy-id root@your_vps_ip

Enter the root password when prompted. The public key is now added to the `~/.ssh/authorized_keys` file on the VPS.

Step 4: Test Key-Based Authentication
Log in to the VPS using key-based authentication by running the following command:

ssh root@your_vps_ip

If the key-based authentication is set up correctly, you should be logged in without entering the root password.

Step 5: Disable Password Authentication (Optional)
To enhance security, you can disable password authentication for the VPS. Log in to the VPS and open the SSH configuration file in a text editor:

nano /etc/ssh/sshd_config

Locate the following line, uncomment it by removing the `#` at the beginning, and set its value to `no`:

#PasswordAuthentication yes

Change it to:

PasswordAuthentication no

Save the file and exit the text editor.

Step 6: Restart the SSH Service
Restart the SSH service to apply the changes:

systemctl restart sshd

Step 7: Test the Configuration
Open a new terminal window on your local system and try logging in to the VPS using key-based authentication:

ssh root@your_vps_ip

If you can log in successfully, the configuration is correct, and password authentication is disabled.

Conclusion:
You have learned how to access your VPS via SSH using the root account and set up key-based authentication for enhanced security. Optionally, you can disable password authentication to further protect your VPS from unauthorized access. By following these steps, you can ensure secure remote access to your VPS, minimizing the risks associated with password-based access.


Was this answer helpful?

« Back