How To Setup SSH Key Pair Authentication
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/kali/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
- The private SSH key is never exposed on the network and therefore is not vulnerable to network-based brute-forcing. The password is only used to decrypt the key on the local machine.
- The Private Key is kept in a restricted directory with restricted permissions with read/write only being available to the owner.
- The key can only been cracked if the attacker already has access to the system and the root account or key owners account. Still, this will prevent them from immediately being able to log into any other systems that may be using the same key.
$ ssh-copy-id username@remote_host
...
Are you sure you want to continue connecting (yes/no)? yes
$ ssh username@remote_host
$ sudo vim /etc/ssh/sshd_config
$ sudo systemctl restart ssh