How to Set Up SSH Key Authentication on Linux (Secure Login Guide)
Logging in to your server with a password is convenient — but it’s not the most secure way. If you're running a VPS or dedicated server, switching to
SSH key authentication is one of the best things you can do to improve security.
In this guide, we’ll walk you through the full process of
setting up SSH key login on Linux, so you can secure your server like a pro.
This guide is brought to you by
Vastrox.com — helping developers and teams launch secure, scalable Linux infrastructure with modern tools and deployment best practices.
Why Use SSH Keys?
SSH keys are a safer alternative to passwords because:
- They’re nearly impossible to brute-force
- They eliminate password reuse
- They prevent common phishing attacks
- They’re required by many security-focused cloud and server platforms — including Vastrox setups
What You’ll Need
- Access to a Linux server (Ubuntu, Debian, CentOS, etc.)
- A local machine with a terminal (Linux, macOS, or Windows with SSH)
- Root or sudo access to the server
Optional: If you're using a Vastrox-deployed server, SSH key support is built-in. You can upload your public key during setup.
Step 1: Generate SSH Key Pair (On Your Local Machine)
Open your local terminal and run:
ssh-keygen -t rsa -b 4096 -C "
your_email@example.com"
When prompted, you can press Enter to accept the default location (~/.ssh/id_rsa) and optionally add a passphrase for extra security.
Once completed, your keys will be saved as:
- Private key: ~/.ssh/id_rsa (keep this safe!)
- Public key: ~/.ssh/id_rsa.pub
Step 2: Copy the Public Key to Your Server
If you’re using password login for now, use:
ssh-copy-id username@your-server-ip
If ssh-copy-id isn’t available, do it manually:
- Log in to your server:
ssh username@your-server-ip
- Create the .ssh directory (if it doesn’t exist):
mkdir -p ~/.ssh && chmod 700 ~/.ssh
- Paste your public key into the authorized_keys file:
On your local machine, run:
Copy the output, then on your server:
nano ~/.ssh/authorized_keys
Paste it in, then save.
Set correct permissions:
chmod 600 ~/.ssh/authorized_keys
Step 3: Test Your SSH Key Login
Log out and try logging back in:
ssh username@your-server-ip
If everything’s set up correctly, you’ll be logged in without being asked for a password (unless you set a passphrase).
Step 4 (Optional but Recommended): Disable Password Authentication
To make your server even more secure:
- Open the SSH configuration file:
sudo nano /etc/ssh/sshd_config
- Find and update these lines:
nginx
CopyEdit
<span><span><span>PasswordAuthentication</span></span><span> </span><span><span>no</span></span><span> <br>PermitRootLogin </span><span><span>no</span></span><span><br></span></span>
- Save and restart SSH:
sudo systemctl restart sshd
Make sure your SSH key login is working before disabling passwords — or you might lock yourself out.
Using Vastrox? SSH Is Built Right In
If you're deploying cloud servers or game infrastructure with
Vastrox.com, SSH key management is handled out of the box.
• Upload your public key during deployment
• Disable password logins with one click
• Manage user access securely through our dashboard
• Automate infrastructure without compromising security
With Vastrox, launching and locking down Linux is fast, scalable, and beginner-friendly.
Final Tips
- Never share your private key (id_rsa)
- Use a passphrase for added protection
- Store your SSH keys in a secure manager like 1Password or KeePass
- Regularly rotate keys if your team grows or changes
- Combine with firewall and fail2ban rules for complete security
Conclusion
By switching to SSH key authentication, you've taken a big step toward securing your Linux server the right way. Passwords are vulnerable — keys are stronger, safer, and smarter.
Need more Linux security guides? Visit
Vastrox.com for tips, tools, and tutorials to help you build infrastructure that’s fast, secure, and reliable.