How to Create an ssh Key on Ubuntu 22.04 and Connect via SSH

To create an id_rsa key pair on an Ubuntu 22.04 system and use it to connect to a remote server from a client, follow these steps:

Step 1: Generate the SSH Key Pair

1. Open a terminal on your client machine.
2. Run the following command to create a new RSA key pair:

   ssh-keygen -t rsa -b 4096 -C "your_email@example.com"

   • The -t rsa specifies the type of key (RSA).
   • The -b 4096 specifies the key length (4096 bits is recommended for strong security).
   • Replace "your_email@example.com" with your email or a comment to identify the key.
3. When prompted:
   • Press Enter to save the key to the default location (~/.ssh/id_rsa), or specify a custom path.
   • Optionally set a passphrase for extra security (press Enter to leave it empty).

   Example output:

   Generating public/private rsa key pair.
   Enter file in which to save the key (/home/user/.ssh/id_rsa):
   Enter passphrase (empty for no passphrase):
   Enter same passphrase again:
   Your identification has been saved in /home/user/.ssh/id_rsa
   Your public key has been saved in /home/user/.ssh/id_rsa.pub

Step 2: Copy the Public Key to the Server

You need to transfer the public key (id_rsa.pub) to the remote server.

Option 1: Use ssh-copy-id (Recommended)

If you have SSH access with a password:

1. Run the following command:

   ssh-copy-id username@server_ip

   Replace username with your remote user and server_ip with the server’s IP address

2. Enter the password for the remote user when prompted. This will append the public key to the ~/.ssh/authorized_keys file on the server.

Option 2: Manually Copy the Key

If ssh-copy-id is unavailable, you can manually add the key:

1. Copy the public key to your clipboard:

   cat ~/.ssh/id_rsa.pub

2. SSH into the server using your username and password:

   ssh username@server_ip

3. Open (or create) the authorized_keys file in the .ssh directory:
   mkdir -p ~/.ssh
   nano ~/.ssh/authorized_keys

4. Paste the public key into the file, save, and close it.
5. Set the appropriate permissions:

   chmod 600 ~/.ssh/authorized_keys
   chmod 700 ~/.ssh

Step 3: Test the SSH Connection

1. On your client machine, connect to the server using the private key:

   ssh username@server_ip

2. If the setup is correct, you should connect to the server without entering a password. If you set a passphrase for the private key, you’ll be prompted to enter it.

Step 4: Optional Enhancements

• Disable Password Authentication: To enhance security, you can disable password authentication on the server. Edit the SSH configuration file:

  sudo nano /etc/ssh/sshd_config

  • Set:

    PasswordAuthentication no

  • Restart the SSH service:
    sudo systemctl restart sshd

• Backup Keys: Keep a secure backup of your private key (id_rsa) to prevent losing access to the server.

Your RSA key pair is now set up, and you can securely connect to your server from the client using SSH! Let me know if you need further assistance.