Public key authentication is a way of logging into an SSH/SFTP account using a cryptographic key rather than a password.

If you use very strong SSH/SFTP passwords, your accounts are already safe from brute force attacks. However, using public key authentication provides many benefits when working with multiple developers. For example, with SSH keys you can

• allow multiple developers to log in as the same system user without having to share a single password between them;
• revoke a single developer's access without revoking access by other developers; and
• make it easier for a single developer to log in to many accounts without needing to manage many different passwords. //

Method 1: Using ssh-copy-id

To copy your public key to your server, run the following command. Be sure to replace "x.x.x.x" with your server's IP address and SYSUSER with the name of the the system user your app belongs to.

ssh-copy-id SYSUSER@x.x.x.x

Method 2: Manual Configuration

If you don't have the ssh-copy-id command (for example, if you are using Windows), you can instead SSH in to your server and manually create the .ssh/authorized_keys file so it contains your public key.

First, run the following commands to make create the file with the correct permissions.

(umask 077 && test -d ~/.ssh || mkdir ~/.ssh)
(umask 077 && touch ~/.ssh/authorized_keys)

Next, edit the file .ssh/authorized_keys using your preferred editor. Copy and paste your id_rsa.pub file into the file. //

Correcting Permissions on the .ssh Directory

The instructions in this article will create your server's .ssh directory and .ssh/authorized_keys file with the correct permissions. However, if you've created them yourself and need to fix permissions, you can run the following commands on your server while SSH'd in as your app's system user.

chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys