How to login via key file in Linux

Accesing a Linux server via a key file is another layer of security that someone should apply on servers. Besides secure, this method is also an easier way of access.

In order to make the setup we need to generate our key file. We can do it in either a Linux terminal on the server on in Putty. In this example we will use putty so we can have both putty and powershell usable keys.

Step one, generating key file.

Open PUTTYgen and let’s use it to generate our key. If you don’t have putty installed you can do it from this link

My choice here for our key is ECDSA or EdDSA – Elliptic Curve Discrete Logarithm Problem, I will explain in another post why.

Press Generate and move your mouse cursor inside the field to create a path for the key.

Our key should now be created. Now we need to save it. Press File and save both public and private key. The private key from this menu is used to login with putty on the server. The public key is used to copy it’s content to the user’s authorized_keys file. We also need to export it so we can use it as well from our terminal -> Conversions -> Export OpenSSH key.

Step two, setting up the on server

Now that we have what we need we must login on our server. On the user that we need to setup the key file we must create, if it doesn’t exist, one folder and one file. We will use the following commands:

mkdir /home/user/.ssh
nano /home/user/.ssh/authorized_keys

In this new file we paste the key generated (marked with red in the image above) and save the file.

Now our access key setup is done. We only need to modify access rights with the commands:

chmod 700 /home/user/.ssh

and

chmod 600 /home/user/.ssh/authorized_keys

The only thing left to do is connect. Our access key file must be read only (in linux is chmod 400 command on file). In putty we can load the ppk file inside the app – Connection -> SSH -> Auth on Private key fot authentication, Browse and select the file. In powershell or terminal we connect via this command:

ssh -i privatekey.pem user@server

That’s all, have fun.