Setting Up SSH on Linux

Lets make sshd a little more secure by forcing people to use keys and not just passwords. Change /etc/ssh/sshd_config

 PasswordAuthentication no

You may also change the client config /ect/ssh/ssh_config

 PasswordAuthentication no

With password authentication off you'll need some public and private keys. Use ssh-keygen to accomplish this. The -t option specifies the type of encryption. In this case dsa forces ssh_v2, which is a good thing. Make sure you enter a passphrase, empty passphrases are discouraged. After ssh-keygen runs you'll find your keys in the directory $HOME/.ssh I copy my public key $HOME/.ssh/id_dsa.pub to a memory stick and take it with me so I can connect from anywhere.

  ssh-keygen -t dsa

Now if you need to connect via ssh using password authentication, because there is no key you can override the config option on the command line

  ssh -l user -o "PasswordAuthentication yes" host.example.org