Sep 14, 2024 4 min read

How to Set up SSH Keys on Debian 12

Set up SSH Keys on Debian 12 with our step-by-step tutorial. SSH keys are a secure method of logging into a server remotely.

Set up SSH Keys on Debian 12
Set up SSH Keys on Debian 12
Table of Contents

Choose a different version or distribution

Introduction

Before we start talking on how to configure SSH keys on Debian 12, let's briefly understand- What is an SSH Key?

SSH keys, also known as Secure Shell keys, are a secure method of logging into a server remotely. They involve using a pair of cryptographic keys- a public key and a private key. The public key is stored on the server, while the private key remains with the user.

This authentication process provides enhanced security compared to traditional password-based login, making it difficult for hackers to gain access. With SSH keys, data transmission is encrypted, ensuring confidentiality and integrity during remote sessions. It's a widely used method for secure remote access and system management.

In this tutorial, you will set up SSH Keys on Debian 12. We will also address a few FAQs on how to set up SSH Keys on Debian 12.

How to generate SSH Keys on Debian 12

Your Debian 12 system might already have SSH keys if it is connected via SSH to a remote server. The following command can be used in your terminal to see if any keys are present at the moment:

ls -l ~/.ssh/id_*.pub

You can see from the output that our system already has an SSH key pair in /ssh/id_rsa.pub:

Execute the following command to create a key pair if, however, your terminal shows that "there is no such file or directory":

ssh-keygen

Initially, you will be asked to select a location for saving the key pair. You can either hit "Enter" to accept the default location, or type in the file's location. After inputting your passcode, hit "Enter" to strengthen the security of your SSH connection.
All of these actions will produce the key pair in the selected file location, and the terminal will print the key fingerprint.

How to Configure SSH Keys on Debian 12

Now that we have the key pair created, we will try to replicate our system's public key to the remote server. This will help our Debian 12 system pair the SSH keys correctly. The ssh-copy-id command has the following syntax:

ssh-copy-id user@hostname

This command requires the hostname and username of your remote server. You can also specify your remote server's IP address in place of its hostname.

To copy our public key to the other remote server using the vegastack user and 192.168.43.212 IP address, we will execute the following command:

ssh-copy-id [email protected]

You will need to enter the password for the assigned user account on the remote server.

Run the following command in your terminal and take note of the key if you want to manually copy your SSH public key to the remote server:

cat ~/.ssh/id_rsa.pub

The remote server has to have an SSH directory set up:

sudo mkdir -p ~/.ssh

Now, change the command below by adding your public key in place of ssh_public_key:

sudo echo ssh_public_key >> ~/.ssh/authorized_keys

Using the chmod command, modify the file permissions for the SSH directory:

sudo chmod -R go= ~/.ssh

In this case, the owner permission has been retained while the group's and other users' read, write, and executable permissions have been removed.

How to establish an SSH connection on Debian 12

You can use the following command to establish a connection to a remote server at IP address 192.168.43.212:

ssh [email protected]

How to disable SSH password authentication on Debian 12

You can also disable the password authentication mechanism via SSH. If you want to use this option, first open the SSH configuration file:

sudo nano /etc/ssh/sshd_config

In your SSH configuration file, set the following specific directives and their corresponding values:

PasswordAuthentication no 

Once you've added the lines above to the sshd_config file, press CTRL+O to save your changes:

The last step will be to restart the SSH service on our Debian 12 system:

sudo systemctl restart ssh

From now on, establishing an SSH connection between Debian 12 and the remote system won't require a password:

ssh [email protected]

FAQs on Setting up SSH Keys on Debian 12

How do I copy my public key to the server?

To copy your public key to the server, use the ssh-copy-id command. For example, ssh-copy-id username@server_ip will copy your public key to the specified user's authorized_keys file on the server.

Can I use an existing SSH key pair on Debian 12?

Yes, you can use an existing SSH key pair on Debian 12. Copy your public key (.pub file) to the ~/.ssh directory on the server and ensure the correct file permissions are set.

How do I disable password authentication and only allow SSH key authentication?

To disable password authentication and allow only SSH key authentication, edit the SSH server's configuration file (/etc/ssh/sshd_config). Set PasswordAuthentication to no and restart the SSH service.

How do I troubleshoot SSH key authentication issues?

Ensure that the permissions on the ~/.ssh directory (700) and the authorized_keys file (600) are properly set on both the client and server. Also, verify that the correct public key is added to the authorized_keys file on the server.

Can I use passphrase-protected SSH keys on Debian 12?

Yes, you can use passphrase-protected SSH keys on Debian 12. When generating the keys, specify a passphrase. However, remember that you will need to enter the passphrase each time you use the key.

How do I temporarily disable SSH key authentication?

To temporarily disable SSH key authentication and use password-based authentication, add the -o PreferredAuthentications=password option when connecting via SSH to the server.

How do I revoke SSH access for a specific key on Debian 12?

To revoke SSH access for a specific key, remove the corresponding public key from the user's authorized_keys file in the ~/.ssh directory on the server. After removal, the user won't be able to authenticate with that key anymore.

Conclusion

SSH keys are a pair of cryptographic keys used for secure remote login to servers. They provide a more secure alternative to passwords, enhancing protection against unauthorized access. The keys consist of a public key, stored on the server, and a private key, kept by the user. This authentication method encrypts data transmission, ensuring confidentiality during remote sessions. SSH keys are widely used for secure system management, offering an efficient and secure way to access servers remotely.

If you have any queries, please leave a comment below, and we’ll be happy to respond to them.

Great! You’ve successfully signed up.
Welcome back! You've successfully signed in.
You've successfully subscribed to DevOps Tutorials - VegaStack.
Your link has expired.
Success! Check your email for magic link to sign-in.
Success! Your billing info has been updated.
Your billing was not updated.