2022-03-09 14:27:43 +01:00
# Public Key Authentication
2022-03-09 14:30:36 +01:00
## General
2022-03-09 14:27:43 +01:00
* login on the server using password\
NOTE: Leave this terminal/shell always open until this configuration is successfully validated. This is a backup connection to your server using password in case the public key authentication fails.
```
ssh -p< tbd > < user > @< host name >
```
* open the **sshd_config** file using a text editor like this
```
sudo vi /etc/ssh/sshd_config
```
* in this file, make sure the following options are set as follows
```
2022-03-31 21:13:06 +02:00
PasswordAuthentication yes
2022-03-09 14:27:43 +01:00
PermitRootLogin no
PubkeyAuthentication yes
#GSSAPIAuthentication yes
#GSSAPICleanupCredentials no
UsePAM yes
```
* save this file and restart sshd service
```
sudo systemctl restart sshd
```
* navigate to your local host home folder and check permissions
```
cd ~
ls -ld
chmod 0700 ~
ls -ld
```
* navigate to the ** .ssh** folder and check permissions
```
cd ~/.ssh
ls -ld
chmod 0700 ~/.ssh
ls -ld authorized_keys
chmod 0600 ~/.ssh/authorized_keys
```
* copy your existing local host public key on the server
```
ssh-copy-id -p< tbd > < user > @< host name >
```
* login on the server using public key authentication
```
ssh -p< tbd > < user > @< host name >
```
* if you completed public key authentication successfully,
you may savely close the terminal/shell running the open password-based login
2022-03-09 14:30:36 +01:00
2022-03-31 21:13:06 +02:00
* revert the password changes in ```ssh_config``` if you are srcurity conscious\
```
sudo vi /etc/ssh/sshd_config
2022-04-10 18:02:25 +02:00
PasswordAuthentication no
2022-03-31 21:13:06 +02:00
```
2023-08-18 10:52:48 +02:00
* save this file and restart sshd service
```
sudo systemctl restart sshd
```
2022-03-09 14:30:36 +01:00
## Links
[How to Fix SSH Failed Permission Denied (publickey) ](https://phoenixnap.com/kb/ssh-permission-denied-publickey )
[How to Set Up SSH Keys on Debian 11 ](https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys-on-debian-11 )