DEV Community

Willyams Yujra
Willyams Yujra

Posted on

SSH Connection Using Private Key

#ssh #privatekey #rsa #keys

SSH Connection Using Private Key (PK)

This tutorial will guide you through three methods to connect to an SSH server using public key authentication. Ensure that the remote server already has the public key configured in its ~/.ssh/authorized_keys file.

Prerequisites

  • Private Key on your local machine.
  • Public Key already uploaded to the remote server in the ~/.ssh/authorized_keys file of the user you're authenticating with.

Method 1: Use the Default Private Key (id_rsa)

The first method involves using the default private key file, called id_rsa. This is the default behavior of SSH.

Steps:

  1. Ensure that you have your private key in the ~/.ssh/ folder (by default). 
   ls ~/.ssh/
Enter fullscreen mode Exit fullscreen mode

If you have a file called id_rsa (or another key file, depending on the type), SSH will use it automatically.

  1. Ensure that the private key has the correct permissions: 
   chmod 600 ~/.ssh/id_rsa
Enter fullscreen mode Exit fullscreen mode
  1. Connect to the SSH server without specifying any key (since id_rsa is the default): 
   ssh user@server_ip
Enter fullscreen mode Exit fullscreen mode

If the public key is correctly set up on the server, the connection will be successful without requiring a password.

Note: In this case, only one private key (id_rsa or another default key type) is supported.

Method 2: Specify a Custom Private Key with -i

This method is useful if you prefer to use a private key with a different name or if you have multiple keys for different servers.

Steps:

  1. Locate your private key in any directory you prefer (not necessarily in ~/.ssh/).

  2. Ensure the key file has the correct permissions:

   chmod 600 /path/to/your/private_key
Enter fullscreen mode Exit fullscreen mode
  1. Connect to the SSH server by specifying the private key with the -i option: 
   ssh -i /path/to/your/private_key user@server_ip
Enter fullscreen mode Exit fullscreen mode

This method allows you to use any private key file, regardless of its name or location. You just need to make sure to specify the correct file in the ssh command.

Method 3: Use the ~/.ssh/config File

The ~/.ssh/config file allows you to simplify and automate SSH connections. You can define multiple servers with custom configurations, such as which key to use, the username, and more.

Steps:

  1. Open or create the SSH configuration file: 
   nano ~/.ssh/config
Enter fullscreen mode Exit fullscreen mode
  1. Define an entry for the server:

You can specify various options such as the alias for the server, the username on the server, and the private key to use.

Basic example:

   Host myAliasServer
   HostName server_ip
   User root
   IdentityFile ~/.ssh/my_private_key
Enter fullscreen mode Exit fullscreen mode
  • Host: Alias for the server. You can choose any name to identify the server.
  • HostName: The IP address or domain name of the server.
  • User: The username you use to authenticate on the server.
  • IdentityFile: The path to your private key.
  1. Connect using the alias:

Now, to connect to the server, simply use the alias you defined in the ~/.ssh/config file:

   ssh myAliasServer
Enter fullscreen mode Exit fullscreen mode

SSH will automatically look for the specified key file in IdentityFile and use that key for authentication.

More configurations possible in the ~/.ssh/config file:

You can add more configurations in the ~/.ssh/config file to further customize your connection. Here are some additional examples:

Use a Custom Port:

If your SSH server is configured on a port other than the default (22), you can specify it:

Host remote_server
HostName server_ip
User user
IdentityFile ~/.ssh/my_private_key
Port 2222
Enter fullscreen mode Exit fullscreen mode

Specify Multiple Keys for Different Servers:

If you have multiple keys for different servers, you can define several entries in the configuration file:

Host aliasRemoteServer1
HostName server_ip1
User user
IdentityFile ~/.ssh/key_server1

Host aliasRemoteServer2
HostName server_ip2
User user
IdentityFile ~/.ssh/key_server2
Enter fullscreen mode Exit fullscreen mode

Configure to Skip Host Key Checking (Not recommended for production): 

Host \*
StrictHostKeyChecking no
Enter fullscreen mode Exit fullscreen mode

This configuration disables host key verification, which is useful for automated environments, but not recommended for production due to security implications.

Summary of Connection Methods:

  1. Method 1: Use the Default Private Key (id_rsa):
    Connect automatically with the private key located in ~/.ssh/id_rsa.

  2. Method 2: Specify a Custom Private Key with -i:
    Use the ssh -i command to specify any private key file.

  3. Method 3: Use the ~/.ssh/config File:
    Configure easier SSH connections with an alias, specifying the key file and port.

Troubleshooting

If you experience issues connecting, follow these steps:

  1. Check the public key on the server: Ensure that the corresponding public key is correctly configured in the ~/.ssh/authorized_keys file on the server.

  2. Verify private key permissions:

   chmod 600 ~/.ssh/my_private_key
Enter fullscreen mode Exit fullscreen mode

  1. Check the ~/.ssh/config file configuration: If you're using a config file, make sure the private key path is correctly specified.

  2. Verify the ~/.ssh/authorized_keys file on the server: The public key must match the private key on your local machine exactly.

With these three methods, you should be able to connect to your SSH server without passwords using private keys!

Top comments (0)

Read next

madsstoumann profile image

Clocks and Watches in CSS

Mads Stoumann -

leapcell profile image

Why Hugo is the Best Static Blog Framework in 2025

Leapcell -

raajaryan profile image

Adaptive UI in React: Constructing Self-Configuring and Context-Aware Components

Deepak Kumar -

jenueldev profile image

Laravel Cloud to Save the Day: A Game-Changer for Laravel Developers

Jenuel Oras Ganawed -