Secure Connections: How to Create and Use SSH Keys for Your VPS
Connecting to your Virtual Private Server (VPS) securely is paramount, especially when managing important data or running critical services. SSH keys offer a more secure alternative to password-based logins, reducing the risk of unauthorized access. This post will guide you through creating SSH keys and uploading them to your VPS, ensuring your connection is both secure and convenient.
Why Use SSH Keys?
- Enhanced Security: SSH keys provide cryptographic authentication, which makes brute-force attacks far harder than they are against passwords.
- Convenience: Once set up, you won't need to enter passwords for each login.
- Automation Friendly: Ideal for scripting and automating tasks without manual input.
1. Generating SSH Keys
On Linux or macOS:
- Open your terminal.
Navigate to your .ssh directory or create one:
bash
mkdir -p ~/.ssh
cd ~/.ssh
Generate the key pair with:
bash
ssh-keygen -t rsa -b 4096 -C "your_email@example.com" -f my_vps_key
- -t rsa: Specifies RSA key type.
- -b 4096: Uses 4096-bit key size for better security.
- -C: Adds a comment (usually your email) for key identification.
- -f: Names your key file. The private key is written to my_vps_key and the public key to my_vps_key.pub.
- You will be prompted for a passphrase. This adds an extra layer of security, but remember it or store it securely.
On Windows:
- Use PuTTYgen:
  - Download PuTTY from the official website if you haven't.
  - Open PuTTYgen, set type to RSA, and generate keys.
  - Save both public and private keys.
2. Uploading Your Public Key to Your VPS
Method 1: Using ssh-copy-id (Linux/macOS):
If available, use ssh-copy-id:
bash
ssh-copy-id -i ~/.ssh/my_vps_key.pub username@vps_ip_address
Method 2: Manual Copy (All Platforms):
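Use scp or FTP/SFTP to manually upload the key. The command below writes the key as the authorized_keys file itself, replacing any keys already stored there, so use it only on an account with no existing authorized_keys: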
bash
scp ~/.ssh/my_vps_key.pub username@vps_ip_address:~/.ssh/authorized_keys
If the .ssh directory doesn't exist yet, or authorized_keys already holds other keys, create the directory and append the key instead:
bash
ssh username@vps_ip_address 'mkdir -p ~/.ssh && chmod 700 ~/.ssh'
scp ~/.ssh/my_vps_key.pub username@vps_ip_address:~/.ssh/
ssh username@vps_ip_address 'cat ~/.ssh/my_vps_key.pub >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys'
3. Configuring Your VPS for Key Authentication
- Ensure the VPS's SSH configuration allows key-based authentication:
  - Edit /etc/ssh/sshd_config on the VPS:
    - Uncomment or set PubkeyAuthentication yes
    - Set PasswordAuthentication no for added security, but only after you have confirmed that key login works (step 4) while keeping your current session open, so a mistake cannot lock you out
Restart the SSH service (on Debian and Ubuntu the unit is named ssh rather than sshd):
bash
sudo systemctl restart sshd
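To check that the two settings above actually take effect, the following added example (not part of the original post) reports the effective global value of a keyword in a config file, applying sshd's rule that the first value read for a keyword wins. The function names and both sample configs are constructed for illustration; Include files and Match blocks are not evaluated.

```bash
#!/bin/sh
# Added example, not from the original post. sshd keeps the FIRST value it
# reads for a keyword, so a "PasswordAuthentication no" placed below an
# earlier "yes" changes nothing. Assumption: Include files and Match blocks
# are not evaluated; on the server, "sudo sshd -T" prints the real settings.

effective_value() {  # usage: effective_value <file> <keyword> <default>
  awk -v key="$2" -v def="$3" '
    BEGIN { key = tolower(key); val = def }
    /^[ \t]*#/ || /^[ \t]*$/ { next }                  # comments, blank lines
    /^[ \t]*[A-Za-z]+[ \t]*=/ { sub(/[ \t]*=[ \t]*/, " ") }  # Keyword=value
    tolower($1) == "match" { exit }                    # global section ends
    tolower($1) == key { val = tolower($2); exit }     # first occurrence wins
    END { print val }
  ' "$1"
}

key_only_login() (  # exit status 0 only if keys are on and passwords are off
  pubkey=$(effective_value "$1" PubkeyAuthentication yes)     # default: yes
  password=$(effective_value "$1" PasswordAuthentication yes) # default: yes
  echo "PubkeyAuthentication=$pubkey PasswordAuthentication=$password"
  [ "$pubkey" = yes ] && [ "$password" = no ]
)

# Constructed sample configs (hypothetical content, written to temp files).
shadowed=$(mktemp); hardened=$(mktemp)
trap 'rm -f "$shadowed" "$hardened"' EXIT
cat > "$shadowed" <<'EOF'
PasswordAuthentication yes
#PubkeyAuthentication yes
PasswordAuthentication no
EOF
cat > "$hardened" <<'EOF'
pubkeyauthentication = yes
PasswordAuthentication no
Match User backup
    PasswordAuthentication yes
EOF

for cfg in "$shadowed" "$hardened"; do
  if key_only_login "$cfg"; then
    echo "  -> key-only login"
  else
    echo "  -> passwords still accepted"
  fi
done
```

If sshd_config begins with an Include line, run the same check on the included files first, since they are read before the rest of the file.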
4. Testing Your SSH Connection
Connect to your VPS without entering a password:
bash
ssh -i ~/.ssh/my_vps_key username@vps_ip_address
If you set a passphrase, you'll enter it here.
Conclusion
Now your VPS connection is secured with SSH keys, offering a robust layer of protection. Remember, always keep your private key safe and consider using an SSH agent if you're frequently logging into your VPS.
Pro Tips:
- SSH Agents: Use an SSH agent like ssh-agent to manage passphrase entry for multiple keys.
- Multiple Keys: You can create multiple keys for different purposes or servers.
- Revoke Access: If a key is compromised, you can remove it from authorized_keys on your VPS.