Introduction to SSH Keys
SSH keys provide a more secure way to access your server than logging in as root. The root password can be hacked by brute forcing your server, while SSH keys are very safe and almost impossible to hack.
There are two parts of SSH keys – public and private. Click here if you’d like to learn how to create SSH keys.
The public key is intended to be added to the server and the private key must be kept privately – it will be used for logging to the server.
For example, let’s use PuTTY.
You have already created a user in your server and have the password set for this user. Actually the password does not really matter, because you will prohibit permission to log in with password later.
touch /home/new_user/.ssh/authorized_keys | chmod 700 /home/new_user/.ssh/ | chmod 600 /home/new_user/.ssh/authorized_keys
After the key for the new_user is added successfully, configure SSH service so that it listens for SSH keys and permits login with password. To do that you have to change the value to no next to PermitRootLogin and uncomment this section (remove #):
Before you are done, just restart SSH service and log in to the server as new_user :
NOTE: if you want new_user to run all commands , add new_user to the wheel group and let this group act as root without password:
useradd –G wheel new_user
Nano /etc/sudoers and uncomment the line:
## Same thing without a password
%wheel ALL=(ALL) NOPASSWD: ALL
Congratulations! Your server is now secured and can be accessible only with your SSH key.