How to copy an SSH public key to a server

Public-key authentication allows you to access a server without needing a password. To enable this, copy your SSH public key to the server's authorized_keys file in the user's ~/.ssh directory. This setup enables secure and passwordless logins.

The most efficient way to copy your SSH key to the server is by using the ssh-copy-id command. This method automates the process and ensures that the key is correctly added. You can also manually copy the public key if needed by editing the authorized_keys file directly on the server.

Ensuring your SSH key is properly added to the server is important for maintaining secure access. Once the key is in place, you can log in and run commands without entering a password, which is especially useful for automated tasks.

1. Open the terminal on your local machine.
2. Locate your SSH public key in the ~/.ssh directory.

    $ ls ~/.ssh/id*
   /home/user/.ssh/id_rsa           /home/user/.ssh/id_rsa.pub

   The public key is normally the one with the .pub extension.

3. Verify that the key is in the OpenSSH format.

   $ file .ssh/id_rsa.pub 
   .ssh/id_rsa.pub: OpenSSH RSA public key

   authorized_keys file accepts public keys in OpenSSH format.

   Related: How to change the format of an SSH key file

4. Use the ssh-copy-id command to add the public key to the server.

   $ ssh-copy-id user@remote-host
   The authenticity of host 'remote-host (192.168.111.135)' can't be established.
   ECDSA key fingerprint is SHA256:hXGpY0ALjXvDUDF1cDs2N8WRO9SuJZ/lfq+9q99BPV0.
   Are you sure you want to continue connecting (yes/no)? yes
   /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
   /usr/bin/ssh-copy-id: INFO: 2 key(s) remain to be installed -- if you are prompted now it is to install the new keys
   user@remote-host's password:
   
   Number of key(s) added: 2
   
   Now try logging into the machine, with:   "ssh 'user@remote-host'"
   and check to make sure that only the key(s) you wanted were added.

   If you want to use other public key rather that then one in the default location, use the -i option.

   $ ssh-copy-id -i ~/.ssh/other_key.pub user@remote-host

5. Test the connection to the server using your SSH key.

   $ ssh -i .ssh/id_rsa user@remote-host
   Welcome to Ubuntu 19.04 (GNU/Linux 5.0.0-20-generic x86_64)
   
    * Documentation:  https://help.ubuntu.com
    * Management:     https://landscape.canonical.com
    * Support:        https://ubuntu.com/advantage
   
     System information as of Sat Jun 29 11:31:23 UTC 2019
   
     System load:  0.16               Processes:            211
     Usage of /:   25.8% of 19.56GB   Users logged in:      1
     Memory usage: 13%                IP address for ens33: 192.168.111.135
     Swap usage:   0%
   
    * MicroK8s 1.15 is out! It has already been installed on more
      than 14 different distros. Guess which ones?
   
        https://snapcraft.io/microk8s
   
   0 updates can be installed immediately.
   0 of these updates are security updates.
   
   
   Last login: Sat Jun 29 11:08:20 2019 from 192.168.111.1