SSH Shared Key Authentication

These instructions apply to MacOS

We recommend the use of SSH Shared Keys to secure CLI access to the system. The following steps can be used to set it up.

Create a Key Pair

  1. On a local system (e.g. your laptop) create a key pair using the following command:
ssh-keygen

accept the default location.

  1. It will ask for a passphrase. You can either set the passphrase to blank or use ssh-agent to cache the pass phrases.

  2. The utility will create:

    • A private key: id_rsa This is the private key that needs to be used by everyone who will log in.
    • A public key: id_rsa.pub. This is added to the system you want to login to.

Install on Remote systems

  1. Run the following command to copy the public key to a remote system.
ssh-copy-id <system>
  1. You should now be able to log in to the remote host …
ssh <system>

(Optional) Disable Password login on remote host

  1. Edit /etc/ssh/sshd_config and set following parameter to no:
PasswordAuthentication no

2. Then restart ssh server:

sudo service ssh restart