OS User Security

How to Use a Private Key to Login via SSH: Step-by-Step Guide 2025

by Chelsea Bruhl on Sep 26, 2025

How to Use Private Key to Login SSH | Step by Step Guide

How to Use a Private Key to Login SSH

This 2025 step-by-step guide shows how to generate SSH keys, configure your server for key-based authentication, and log in securely.

What you need to login via SSH using a private key

  • An SSH client (OpenSSH on Linux/macOS, PuTTY on Windows).
  • A text editor.
  • Terminal or shell access with appropriate privileges.
  • Access to both local and remote servers.
  • Your private key (or the ability to generate one).

Preparing your server

Create a secure SSH directory and set correct permissions:

mkdir -p ~/.ssh
chmod 700 ~/.ssh

Store keys in that directory. Each user who needs key-based access must repeat these steps for their account.

For Linux or any OS that supports OpenSSH

Step 1 — Generate a key pair

ssh-keygen -t rsa

Press Enter to accept defaults (id_rsa / id_rsa.pub) or supply custom path/filename. Adding a passphrase is optional but recommended for extra security.

Step 2 — Ensure private key permissions are strict

chmod 600 ~/.ssh/id_rsa

Step 3 — Copy your public key to the server

ssh-copy-id USER@IP
  • Replace USER with the remote username and IP with the server address.

Step 4 — SSH using the key

ssh USER@IP

If you used a non-default key path, specify it with -i:

ssh -i /path/to/private/key USER@IP

Optional — Use ssh-agent to avoid repeated passphrase prompts

ssh-agent $BASH
ssh-add ~/.ssh/id_rsa

Enter the passphrase when prompted; the agent caches the unlocked key for the session.

Using PuTTY (Windows)

Install PuTTY and PuTTYgen from the official PuTTY download page. In PuTTYgen:

  1. Select SSH-2 RSA and click Generate; move the mouse to create entropy.
  2. Save the private key as a .ppk file and copy the public key text.
  3. On the server, paste the public key into ~/.ssh/authorized_keys (single line).

Connect with PuTTY

  1. Under Session, enter Host Name or IP.
  2. Go to Connection → SSH → Auth and browse to your .ppk private key.
  3. Open the session to connect using key-based authentication.

Using a private key on a remote VM (example)

  1. Copy the private key file to the VM (securely).
  2. Confirm the file exists with ls.
  3. Set strict permissions: chmod 600 filename.
  4. SSH using: ssh -i filename root@10.30.15.176

Turn off password authentication (after testing keys)

Edit the SSH config:

sudo nano /etc/ssh/sshd_config

Ensure these settings:

PasswordAuthentication no
PubkeyAuthentication yes

Then restart SSH:

sudo systemctl restart sshd

Be cautious: only disable password auth after confirming key-based logins work for all needed accounts.

Why use public-key authentication?

  • Stronger than typical passwords; RSA keys are much harder to brute-force.
  • The private key never leaves the client machine; only the public key is shared.
  • Optional passphrase adds another protection layer.

Conclusion

Keep private keys secure and consider using unique keys per client for better compromise isolation. If you lock yourself out, use console access or a recovery method provided by your host.