How to Set Up SSH Keys on Ubuntu 20.04

SSH, an acronym for Secure Shell, serves as a robust mechanism to establish secure communication between your system and remote machines across the internet. Analogous to a discreet cryptographic protocol, SSH ensures a confidential and authenticated connection between devices. This comprehensive guide is designed to clarify the procedure for configuring SSH keys on Ubuntu 20.04, a prominent variant of the Linux operating system.

Step 1: Making the Secret Keys

First, you need to create your secret keys. This is like making a special pair of keys that only your computer and the other one can understand. Here’s how you do it:

1. Open a special computer program called a terminal on your computer. You can find it by searching for “Terminal” in the start menu.
2. In the terminal, type `ssh-keygen` and press the Enter key. This will make your secret keys.
3. It might ask you where to save these keys. Just press Enter to save them in a specific place on your computer.
4. If you already made these keys before, it might ask if you want to replace them. Be careful with this. If you say yes, the old keys will be gone forever.
5. It might also ask if you want to set a password. This is a good idea because it adds an extra layer of security. You can type a password or just press Enter to skip it.

After all this, you’ll see some text on your screen. These are your secret keys, so keep them safe.

Step 2: Sharing the Public Key

Now, you need to provide your server with the key. This is the public key, which is safe to share. There are a few ways to do this:

Option A: Use a Tool

Your computer might already have a tool called `ssh-copy-id` installed. This tool can do the job easily. Just type this command in your terminal:

```bash

ssh-copy-id username@remote_host

```

It will ask for the password of the remote computer. Type it in, and it will copy your public key there.

Option B: Copy and Paste

If the tool isn’t there, you can do it manually. Here’s how:

1. Open the public key file on your computer. You can do this by typing:

```bash

   cat ~/.ssh/id_rsa.pub

   ```

It will show you your public key. It starts with `ssh-rsa` and has a long string of letters and numbers.

2. Copy this whole string.
3. Now, connect to the other device using SSH. Use this command:

   ```bash

   ssh username@remote_host

   ```

It will ask for a password. Enter it.

4. Once you’re in, create a special folder for your keys (if it doesn’t exist) and open the file for editing:

   ```bash

   mkdir -p ~/.ssh && touch ~/.ssh/authorized_keys && chmod -R go= ~/.ssh && nano ~/.ssh/authorized_keys

   ```

If it asks you about the fingerprint, just say yes.

5. Paste your public key into this file.
6. Save the file and exit the editor (usually, you press Ctrl + X, then Y, then Enter).

Step 3: Logging In with Your Secret Handshake

Now that your secure connection is set up, you can log in without a password.

1. To start, use this command:

   ```bash

   ssh username@remote_host

   ```

2. If it’s your first time connecting to this computer, it will ask if you’re sure. Just type yes and press Enter.
3. If you set a password for your secret key, it will ask for it. Type it in.
4. You’re in! You’re logged in to the other device securely using your secret keys.

Step 4: Extra Security – Disable Passwords

For even more security, you can turn off password login. This means only your secret keys can get you in. Here’s how:

1. Log in to the other device using SSH keys (as we did in Step 3).
2. Now, open a file for editing:

```bash

   sudo nano /etc/ssh/sshd_config

   ```

3. Look for a line that says `PasswordAuthentication`. It probably has a # in front of it. Remove the # and change `yes` to `no`, like this:

   ```plaintext

   PasswordAuthentication no

   ```

4. Save the file (Ctrl + X, Y, Enter).
5. Restart the SSH service:

   ```bash

   sudo systemctl restart ssh

   ```

6. Test that you can still log in with your keys before closing your session:

   ```bash

   ssh username@remote_host

   ```

You’ve now set up SSH keys, allowing you to log in securely, and even disable password logins for extra safety.