Hey fellow developer! Setting up SSH access to your VPS seems like a simple task, but believe me, I spent *ten* hours of my life figuring out various quirks. In this article, I’ll show you how to do it correctly, quickly, and without unnecessary headaches. Forget endless Googling and cryptic errors – I’ll gather everything you need in one place. Get ready for instructions that are *so* detailed that even your cat will understand (almost).
So, before we begin, let’s make sure you have everything you need. You’ll need access to your VPS through a control panel (e.g., DigitalOcean, Vultr, AWS, or another control panel). You’ll also need an SSH client on your local computer (Putty for Windows, the built-in terminal for macOS/Linux). Check your internet connection – you can’t do this without it! I, for example, once tried to configure SSH without the internet… Funny, right? But it wasn’t funny at the time.
Another important point: know your VPS IP address! It’s usually listed in the control panel. Write it down somewhere so you don’t forget it. I usually use Notepad, but you can use something more advanced if you like. Remember, *never* neglect elementary things; it will save you a lot of frustration in the future.
Finally, make sure you have root or sudo privileges on your local computer. Without them, you won’t be able to execute some commands. If you don’t know how to do this, Google «how to get sudo privileges on [your operating system]». This will only take a couple of minutes, but it will save you a lot of time later. Trust me on this one!
# Example of checking sudo access on Linux
sudo whoami
Expected output: root
Generating an SSH Key
Now that everything is ready, let’s generate an SSH key pair. This is necessary for secure connection to your VPS. Don’t use passwords for SSH – it’s bad practice! Instead, we’ll use keys. It’s like a key to your apartment, only for your server. And here’s how it’s done:
You will be prompted to specify the key storage location and set a passphrase (I recommend *not* setting a passphrase, but it’s up to you). Just press Enter if you don’t want a passphrase. You will have two files: `id_rsa` (private key – *keep it secret!*) and `id_rsa.pub` (public key – we will add this to the server).
This is where a problem often arises: people forget where they saved their keys. I once spent half a day looking for my private key! So, check where your files are saved. Usually it’s `~/.ssh/`.
cat ~/.ssh/id_rsa.pub
This command will show you the contents of the public key. We will need this text later.
Adding the Key to the VPS
Now you need to add your public key to your VPS. There are several ways to do this. The easiest way is to use the `ssh-copy-id` command. But if it doesn’t work, you can always add the key manually.
Method 1: `ssh-copy-id`
ssh-copy-id user@your_ip_address
Replace user@your_ip_address with your username and VPS IP address. You may be prompted to enter the user’s password on the VPS (if you don’t have key-based authentication configured).
Method 2: Manual Addition
If `ssh-copy-id` doesn’t work (e.g., due to network problems), you can add the key manually. Connect to your VPS via SSH (if possible, even with a password), open the `~/.ssh/authorized_keys` file and add the contents of your public key there. If the `authorized_keys` file does not exist, create it.
Replace your_public_key with the text you copied using `cat ~/.ssh/id_rsa.pub`.
Configuring the sshd_config File
The `/etc/ssh/sshd_config` file contains the SSH server settings. Here you can configure various parameters, such as the port, root login permission, and others. *I would recommend* not touching it unless necessary, if everything works as is. But if you want to change the port, here’s how to do it:
Find the line `Port 22` and change it to your desired port (e.g., `Port 2222`). Save the changes. After that, restart the SSH server:
sudo systemctl restart sshd
Word of warning: changing the port can cause problems with other services that use port 22. Be careful!
Here’s an example of an `sshd_config` file with a changed port:
#Subsystem sftp /usr/lib/openssh/sftp-server
Port 2222
Protocol 2
#LogLevel INFO
#LoginGraceTime 120
PermitRootLogin no
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
#PermitEmptyPasswords no
Verifying SSH Functionality
Finally! It’s time to check if everything works. Try connecting to your VPS via SSH using the generated key. If you changed the port, make sure you specify it correctly.
ssh -p 2222 user@your_ip_address
(Replace 2222 with your port if you changed it). If everything is configured correctly, you should connect without being prompted for a password. If not… well, you’ll have to check everything again. Look at the logs:
sudo journalctl -xe
This command will show the latest entries from the system journal. Look for errors related to SSH there.
If everything is OK, congratulations! You have successfully configured SSH access to your VPS! This setup is fire!
Additional Tips and Recommendations
Don’t forget to regularly update your server:
sudo apt update && sudo apt upgrade
(or a similar command for your system). This will help protect your VPS from vulnerabilities. I also recommend using a firewall for additional protection. No cap, this is important!
And remember: *security is paramount*! Keep your private keys secret and don’t use weak passwords (if you decided to use passwords after all). It’s better to avoid passwords for SSH altogether. This is a clever plan that is *so* smart that only a genius could have come up with it.
Here are some more useful commands for checking the SSH status:
systemctl status sshd
ps aux | grep sshd
netstat -tulnp | grep sshd
I hope this article was helpful. If you have any questions, feel free to write in the comments! Good luck!
“SSH setup is the foundation of secure work with your VPS. Don’t skimp on time at this stage.”
