How to Set Up SSH Key-Based Authentication
SSH keys are far more secure than passwords. This guide sets up key-based login and disables password authentication.
1. Generate a key pair (on your local machine)
ssh-keygen -t ed25519 -C "you@example.com"Press Enter to accept the default location and optionally set a passphrase.
2. Copy the public key to your server
ssh-copy-id deploy@your-server-ipOr manually append your public key to ~/.ssh/authorized_keys on the server.
3. Test the key login
ssh deploy@your-server-ipYou should log in without a password prompt.
4. Disable password authentication
Once key login works, edit /etc/ssh/sshd_config:
PasswordAuthentication no
PermitRootLogin nosudo systemctl restart sshKeep your private key safe and never share it. Combine with UFW and Fail2ban for strong protection.