Automating SSH Key Setup: Introducing sshRemoteSetup

Published: February 20, 2026

← Back to Home

If you manage multiple remote Linux servers from a Windows machine, you know the pain: manually generating SSH keys, copying them to each server, configuring SSH settings, and then trying to remember which key goes with which host. It’s tedious, error-prone, and frankly, not how modern DevOps workflows should work.

Enter sshRemoteSetup - a smart .NET 10 utility that automates the entire process of transitioning your remote servers from password-based authentication to secure key-based authentication.

What Is sshRemoteSetup?

sshRemoteSetup is a File-Based App written in C# for .NET 10 that orchestrates SSH key-based authentication setup on remote Linux machines. It’s designed to be lightweight, portable, and powerful - requiring nothing more than the .NET 10 SDK to run.

The brilliance of this tool lies in its security-progressive workflow: it uses your password to initially connect, sets up key-based authentication, and optionally locks down the server to reject password logins entirely. It’s the perfect bridge between legacy password authentication and modern key-based security.

How It Works

The Authentication Journey

sshRemoteSetup follows an elegant step-by-step process:

  1. Local Key Generation - Creates a unique ED25519 key pair on your Windows machine, named to match each remote server (e.g., id_ed25519_192.168.1.100)

  2. Password Bootstrap - Uses your provided password to authenticate and connect to the remote machine (this is the only time you need the password)

  3. Public Key Upload - Securely copies your public key to the remote server’s ~/.ssh/authorized_keys file

  4. Server Configuration - Enables public key authentication in the remote sshd configuration

  5. Optional Hardening - If requested, disables password authentication on the remote machine, forcing key-based access going forward

  6. SSH Config Management - Automatically updates your local ~/.ssh/config file so future connections are seamless

Running It

First, clone the repository:

git clone https://github.com/dahln/sshRemoteSetup.git
cd sshRemoteSetup

Thanks to .NET 10’s File-Based App feature, there’s no complex project setup needed. Just run:

dotnet run sshRemoteSetup.cs 192.168.1.100 ubuntu mypassword

That’s it. Your remote server is now configured for key-based authentication.

Why This Matters

For DevOps Teams

Imagine provisioning dozens of new servers. Instead of manually SSH-ing into each one and running key setup commands, you can automate the entire process:

for server in 192.168.1.100 192.168.1.101 192.168.1.102; do
  dotnet run sshRemoteSetup.cs $server ubuntu password 22 true
done

All your servers are now hardened against password-based attacks.

For Security-Conscious Administrators

ED25519 keys are cryptographically superior to RSA keys for new implementations. sshRemoteSetup uses ED25519 by default, and the optional password disabling feature means you can force key-based access company-wide. This eliminates weak passwords as an attack vector on your infrastructure.

For Windows Users

As a Windows-native tool built with .NET, sshRemoteSetup integrates perfectly with Windows environments. It manages the .ssh directory structure correctly, handles path requirements, and works with Windows’ built-in SSH tools (available on Windows 10/11).

Key Features at a Glance

Real-World Example

Let’s say you’ve just stood up a new Ubuntu server at 192.168.1.100. You’re the admin user, and you know the temporary password is TempPass123. You want to secure it immediately:

dotnet run sshRemoteSetup.cs 192.168.1.100 admin TempPass123 22 true

What just happened:

Now you can simply:

ssh 192.168.1.100

And you’re in - using secure key-based authentication, no passwords involved.

Review it, try it, enjoy it!!!