How to set up key authentication for a server?

If you have SSH installed, you should be able to run..

ssh-keygen

Then go through the steps, you’ll have two files, id_rsa and id_rsa.pub (the first is your private key, the second is your public key – the one you copy to remote machines)

Then, connect to the remote machine you want to login to, to the file ~/.ssh/authorized_keys add the contents of your that id_rsa.pub file.

chmod 600 all the id_rsa* files (both locally and remote), so no other users can read them:

chmod 600 ~/.ssh/id_rsa*

Similarly, ensure the remote ~/.ssh/authorized_keys file is chmod 600 also:

chmod 600 ~/.ssh/authorized_keys

Then, when you do ssh remote.machine, it should ask you for the key’s password, not the remote machine.

To make it nicer to use, you can use ssh-agent to hold the decrypted keys in memory – this means you don’t have to type your keypair’s password every single time. To launch the agent, you run (including the back-tick quotes, which eval the output of the ssh-agent command)

ssh-agent

On some distros, ssh-agent is started automatically. If you run echo $SSH_AUTH_SOCK and it shows a path (probably in /tmp/) it’s already setup, so you can skip the previous command.

Then to add your key, you do

ssh-add ~/.ssh/id_rsa

and enter your passphrase. It’s stored until you remove it (using the ssh-add -D command, which removes all keys from the agent)