Connecting servers securely is foundational to system administration and cloud operations. Follow these essential steps:
1. Configure SSH Access
Ensure Secure Shell (SSH) is enabled and configured on the target server. Open the SSH port (default TCP 22) in the firewall rules. Verify connectivity using:
ssh username@target_server_ip
This tests basic network reachability and service availability.
2. Generate SSH Key Pair
On the source server, create an SSH key pair for passwordless authentication:
ssh-keygen -t rsa -b 4096
Store keys in the default location (~/.ssh/) without a passphrase for automated processes, though this reduces security.
3. Copy Public Key to Target Server
Transfer the public key (id_*) to the target server's ~/.ssh/authorized_keys file using:
ssh-copy-id username@target_server_ip
Manually append the key if ssh-copy-id is unavailable.
4. Verify Key-Based Authentication
Attempt SSH login from the source server. It should connect without password prompts:
ssh username@target_server_ip
If authentication fails, verify file permissions on the target:
~/.sshdirectory: 700authorized_keysfile: 600
5. Harden SSH Configuration
Enhance security on the target server by editing /etc/ssh/sshd_config:
- Disable password authentication: PasswordAuthentication no
- Restrict root login: PermitRootLogin no
- Change default SSH port (optional)
Reload the SSH service after modifications.
