SSH: Public Key Creation and Activation

Because ssh servers on the internet are commonly subject to brute-force password attacks, it is recommended that you disable password-based logins and use public/private key authentication. Here's how.

  • On the local machine, in your home directory's .ssh subdirectory (which you should create and make only owner readable/executable if it doesn't exist; e.g by typing mkdir ~/.ssh && chmod 0700 ~/.ssh), you should execute the command ssh-keygen -t dsa, enter a password, and accept the default names for files (by pressing ENTER).

  • Before you attempt to connect to remote machine, execute the command ssh-add.

  • If you add the package ssh-askpass or ssh-askpass-gnome on Debian with GNOME, or on Ubuntu, ssh-add well be executed whenever you login to your graphical session, meaning you will get a window asking you to enter your SSH passphrase on login.