Setting a new Public Key in a VPS that has already been created

Alexander Fritzsche

2 min read
Setting a new Public Key in a VPS that has already been created
Photo by Christopher Gower / Unsplash

When I changed to a new computer my private keys were still on the other machine. One way to go about it is using a USB to copy the files over. But there is a better way to go about it. The geekier way.

I had already secured the server disabling password logins and root. The first step as always is to research how others have solved the same problem. I had to look up how I could set a new key to my old VPS. That post said it was not possible and the best option was to create a new instance.

If you created your server prior to adding the SSH key, you cannot assign it to your server.

When I logged into the web interface for my VPS, I managed to find a section where I could copy my keys over. However, when I tested it and failed to gain access, and only in retrospect, I forgot to restart the service so I continued going deeper down into the rabbit hole of figuring out how to gain access.

Moving to my next option led me to opening the web console for my VPS. I needed to make some configuration changes to my security for a few minutes. Which in retrospect might not have been the best option.

The first step after logging into the server was to permit ssh'ing into the server with a password.

sudo vim /etc/ssh/sshd_config

When you are in the file look for PasswordAuthentication no and change it to yes. Save and exit. :wq. Now, if you don't know how to use Vim, i'll explain just enough to get what you need to change the file.

When in vim you'll need to use hjkl to move around. left down up right respectively. Type /PasswordAuthentication which serves as a quick find. It will take you where you need to be. Then use the lettered keys hjkl to move to where no is. Hit cw which means change word. Enter yes. Then type :wq which means to write the file and quit. Once that is done open a terminal on your local machine, but before you go, you'll need to restart the service `service sshd restart`

You'll need to generate a new SSH key (unless you already have one on your machine).

ssh-keygen -t ecdsa -b 521

With the newly created key you'll want to copy it over to your VPS.

ssh-copy-id user@host

It ought to ask you for your password and once the id has been copied, go back to the sshd_config file to change the Password Authentication back to no.

And since this was a new machine, at least for me, I needed to set my ssh config file to be able to type less whenever I want to log into my servers.

Ideally I ought to revisit this exercise to find a better way to deal with all of this, if there is a better way to go about it.