SSH LOGIN WITH SSH CERTIFICATE
On your computer:
Adding your email address to your public key is optional. It will help the server administrator (and Feds) to ID whose public key is it. If you don't want it there, don't type it.
In the process of generating this SSH certificate/keys you will be prompted to set a passphrase. This passphrase will be required every time you want to connect to a server that has your public key.
Log in with your computer account and at the command line run:
ssh-keygen -t rsa -b 4096 -C "danarauz@gmail.com
This will create the ".ssh" folder, and inside that folder will generate two files, one is the private key "id_rsa", and the other the public key "id_rsa.pub". The public key is the one that you share. NEVER share the private key.
On the target/server computer:
- Log in with the account that was assigned to you
- On terminal make sure you are at your account home directory: cd ~/
- If the ".ssh" folder doesn't exist, create one: sudo mkdir .ssh
- Set the 700 permissions to .ssh: sudo chmod 700 .ssh
- Now change directory: cd .ssh
- If the "authorized_keys" file doesn't exist, create one: touch authorized_keys
- Set the 644 permissions: sudo chmod 644 authorized_keys
- And finally, copy and save your public key in this "authorized_keys" file: sudo nano authorized_keys
From your computer:
Now, to connect to the server that has your public key, and assuming that the server is using port 22786 for SSH:
ssh -p 22786 user@host
Thanks!