Docs are work in progress
Skip to main content

Connecting via Public Key Auth

It is recommended to use a Public-Private Keypair to authenticate while connecting via SSH. This tutorial will help you set up Public Key Authentication for your Comet-M device.

Generate a new Keypair

You can skip this step if you already have a keypair generated (for Github, or any other SSH connections).

  • On your local machine, open a terminal and run the following command:
# MacOS / Linux
$ ssh-keygen -t rsa -b 4096

# Windows
$ ssh-keygen -t rsa -b 4096
  • You'll be prompted to enter the directory where you'd like to store the key pair. If you're happy with the default directory (~/.ssh), just press Enter.
  • After choosing the key storage directory, you'll be asked to enter a passphrase. This is an extra layer of security, but it's optional. If you don't want to use a passphrase, you can leave it blank.
warning

Never share your private key. Keep it in a safe place.

Copy the public Key to the device

  • To copy your new (or existing) public key to the device, use the following command:
$ ssh-copy-id [email protected]
  • You'll be prompted to enter your password. Once that's done, your public key will be copied to the server.

Test the Connection

  • Try connecting to the device with the following command:
$ ssh [email protected]
  • If everything is set up correctly, you should be logged in without entering your password. That's it! 🎉

Disabling Password Authentication

Once you have successfully set up SSH key-based authentication, you can increase your device security by disabling password authentication. Here's how to do it:

  1. Log into your server via SSH:
$ ssh [email protected]
  1. Open the SSH daemon configuration file using a text editor of your choice. We'll use nano for this example:
$ sudo nano /etc/ssh/sshd_config

  1. Find the line that says #PasswordAuthentication yes and change it to PasswordAuthentication no. If the line doesn't exist, you can add it. Make sure to remove the '#' to uncomment the line.

  2. Save and exit the file. In nano, you can do this by pressing Ctrl + X, then Y to confirm saving the changes, and then Enter to confirm the file name.

  3. Restart the SSH service to apply the changes:

$ sudo systemctl restart sshd
  1. Exit the server and try logging in again with SSH. You should be able to log in with your SSH key, and the server won't accept password authentication:
$ ssh [email protected]

That's it! You've successfully disabled password authentication for your SSH server. Remember, keep your private key safe and secure. 🎉