SSH & Key Authentication
Secure Shell (SSH)
| Command | Purpose |
|---|---|
ssh user@host | Connect |
ssh -p 2222 user@host | Custom port |
ssh-keygen -t ed25519 | Generate a key pair |
ssh-copy-id user@host | Install your public key |
scp file user@host:/path | Copy over SSH |
sftp user@host | Interactive file transfer |
Key auth uses a private key (~/.ssh/id_ed25519, keep secret) and a public key (~/.ssh/id_ed25519.pub, goes in the server's ~/.ssh/authorized_keys).
Server hardening in /etc/ssh/sshd_config:
PermitRootLogin no
PasswordAuthentication no # keys only
Port 2222
Apply with systemctl reload sshd.
Exam trap:~/.sshmust be700andauthorized_keys600, or sshd refuses the key. Wrong permissions are the #1 cause of "key auth won't work".