Generate the ssh key pair on the desktop computer: ssh-keygen
Copy the public key to the server:
scp ~/.ssh/id_rsa.pub [email protected]:
Connect to the server:
ssh [email protected]
Append the public key to authorized_keys and remove the uploaded copy:
cat id_rsa.pub >> ~/.ssh/authorized_keys rm id_rsa.pub
Edit the ssh server configuration to make sure that public key authentication is enabled (it should be enabled by default):
sudo nano /etc/ssh/sshd_config
These entries must be set to yes:
RSAAuthentication yes PubkeyAuthentication yes
Reload the configuration:
sudo /etc/init.d/ssh reload
Disconnect from the server:
exit
Try connecting without the need to give the password to the ssh-client:
ssh [email protected]
You might need to give a password now to access your private key file, but you should not need to give the password to the ssh program.
Disable password authentication:
sudo nano /etc/ssh/sshd_config
The following settings should be set to no:
ChallengeResponseAuthentication no PasswordAuthentication no UsePAM no
Reload the configuration:
sudo /etc/init.d/ssh reload
Test that password authentication really is disabled: Disconnect from the server: exit 10.2 Rename your private key file:
mv ~/.ssh/id_rsa ~/.ssh/id_rsa.backup
Try to reconnect to the server:
ssh [email protected]
This should produce a permission denied message: “Permission denied (publickey).”
Restore your private key file:
mv ~/.ssh/id_rsa.backup ~/.ssh/id_rsa