Configure the SSH server and client
Perform the following tasks to configure the SSH server and client:
Log in to the SSH server machine as the user you plan to connect with from the SSH client machine.
Open a terminal session and go to the location of the SSH client public key zip file exported from the .
Run the following command to extract the SSH client public key from the zip file, modifying the file name to match the actual name of your file.
You should see the following output:
The SSH.pub file is in DER format, meaning the public key is binary encoded.
The next section uses OpenSSL to convert the SSH.pub file from DER to PEM format. PEM is a method of encoding binary data as a string (also known as ASCII armor).
Run the following OpenSSL command to convert the public key exported from the in DER format to PEM format (as required for the ssh-keygen command in the next subsection):
3 | Configure the SSH client public key on the SSH server and disable non-key-based modes of authentication
SSH requires a specific format for the public keys used within an SSH session. Run the following ssh-keygen command to convert the SSH_pubkey.pem file from the previous command to the required SSH public key format and add it to the ~/.ssh/authorized_keys file:
Run the following command to open the SSH daemon configuration file:
Editing this file requires sudo privileges.
Inside the file, confirm the following directive is present:
Optionally, you can also set the following directives to make the SSH daemon only respond to SSH keys:
Save and close the file when finished. To implement these changes, restart the SSH service.
On Ubuntu or Debian machines, run the following command:
On CentOS/Fedora machines, run the following command: