Linux remote SSH access from your laptop

Setting Up SSH Access to an Ubuntu Server from macOS and Windows Using a 4096-Bit Key

SSH (Secure Shell) allows secure remote access to an Ubuntu server. Follow these instructions to create a 4096-bit key, copy it to the server, and enable passwordless login.

1. Generate a 4096-Bit SSH Key

macOS

  1. Open the Terminal.
  2. Generate an SSH key pair:
    ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
    • -t rsa: Specifies the RSA algorithm.
    • -b 4096: Specifies the key length as 4096 bits.
    • -C "your_email@example.com": Adds a label to your key.
  3. When prompted:
    • Save the key in the default location (~/.ssh/id_rsa) by pressing Enter.
    • Optionally, set a passphrase (recommended for added security).

Windows (Using Command Prompt, PowerShell, or Windows Subsystem for Linux (WSL))

  1. Open Command Prompt, PowerShell, or WSL.
  2. Generate an SSH key pair:
    ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
  3. Follow the same prompts as macOS.

2. Copy the Public Key to the Ubuntu Server

Step 2.1: Use ssh-copy-id (Preferred Method)

  1. Copy the public key to the Ubuntu server:
    ssh-copy-id -i ~/.ssh/id_rsa.pub username@your_server_ip Replace:
    • username with your Ubuntu server username.
    • your_server_ip with your server’s IP address.
  2. Enter your server password when prompted.

Step 2.2: Manual Method (If ssh-copy-id Is Not Available)

  1. Display your public key:
    cat ~/.ssh/id_rsa.pub
  2. Copy the key (select and copy the output).
  3. Log in to the Ubuntu server with your username and password:
    ssh username@your_server_ip
  4. On the server, create the ~/.ssh directory (if it doesn’t exist):
    mkdir -p ~/.ssh chmod 700 ~/.ssh
  5. Add your public key to the authorized_keys file:
    echo "your-public-key" >> ~/.ssh/authorized_keys chmod 600 ~/.ssh/authorized_keys Replace your-public-key with the content of your id_rsa.pub.

3. Test Passwordless SSH Login

  1. On your local machine, log in to the server:
    ssh username@your_server_ip
  2. If setup was successful, you won’t be prompted for a password.

4. Enhance SSH Security

Step 4.1: Disable Password Authentication (Optional but Recommended)

  1. Edit the SSH configuration file on the Ubuntu server:
    sudo nano /etc/ssh/sshd_config
  2. Update the following settings:
    PasswordAuthentication no PermitRootLogin no
  3. Restart the SSH service:
    sudo systemctl restart ssh

Step 4.2: Test Again

Open a new terminal and try logging in to ensure passwordless access works before closing existing sessions.

5. Troubleshooting

  • Ensure the permissions of your ~/.ssh directory and files are correct:
    • On the Ubuntu server:
      chmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys
    • On your local machine:
      chmod 700 ~/.ssh chmod 600 ~/.ssh/id_rsa
  • Verify the server’s SSH service is running:
    sudo systemctl status ssh

This setup ensures secure, passwordless SSH access to your Ubuntu server using a 4096-bit RSA key. Always keep your private key secure and consider using a passphrase for added protection.

Scroll to Top