SSH, or Secure Shell is most trusted open-source network protocol used for secure connection between a client and remote server. It also used to transfer files over the network using SCP protocol. In this article, we will show how to set up passwordless login using ssh keys to connect remote servers.
Setup SSH Passwordless Login
It’s a very secure way to connect remote server without entering password.
First, you need to generate a public authentication key on your client and append it to the remote hosts
Perform the below steps to configure passwordless SSH login:
1. Generate SSH Key pair
Before generating a new key pair check if you have already on your client machine otherwise it will overwrite it.
Use the following command to generate a new SSH key pair:
ssh-keygen -t rsa
Enter to accept the default file location and file name:
Enter file in which to save the key (/home/username/.ssh/id_rsa):
username will be your system username in which you are logged in.
Next, it will ask you to type passphrase. It’s optional to set passphrase, whether you want to add more security enter it otherwise not. If you don’t want to set passphrase just leave empty and press
Enter to go ahead.
Enter passphrase (empty for no passphrase):
It whole screen will look something like this:
Generating public/private rsa key pair. Enter file in which to save the key (/home/tecnstuff/.ssh/id_rsa): Created directory '/home/tecnstuff/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/tecnstuff/.ssh/id_rsa. Your public key has been saved in /home/tecnstuff/.ssh/id_rsa.pub. The key fingerprint is: 3g:bc:20:10:8c:e1:9b:48:b3:b0:f8:05:77:c2:fd:c2 firstname.lastname@example.org The key's randomart image is: +--[ RSA 2048]----+ | ..oooD.++| | o. o.o | | .. . | | o . . o| | P . . + | | . . . o| | . o o ..| | + + | | +. | +-----------------+
To list the generated ssh keys, type:
2. Copy public key to host
Now we have he ssh key pair generated on our client machine and need to copy to the remote host to make connection.
Common way to copy your public key to your remote server using
ssh-copy-id command. Type as following on your local terminal:
It will prompt to enter password for remote username. In our example it will look like:
On success authentication, the public key will be appended to the remote user’s
authorized_keys file and connection will be closed.
Alternatively, you can paste in the keys using SSH:
cat ~/.ssh/id_rsa.pub | ssh email@example.com "mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"
3. Login to your server using SSH keys
After complete set up you should able to connect to remote server without password. Execute the below command to your client terminal to login:
That’s it! If your setup have no issues your will be logged in immediately.
Disable SSH Password Authentication
Disable ssh password authentication is a another security layer for server.
Follow the below steps to disable ssh password authentication:
1. Connect your server using SSH keys as root or user with sudo privileges:
2. Edit SSH configuration file
/etc/ssh/sshd_config and search for
PasswordAuthentication directive and set it to no as following:
Save and close the file.
3. Restart SSH Service
To take changes in effect we need to restart SSH service.
For Ubuntu or Debian servers, run the following command:
sudo systemctl restart ssh
For CentOS or Fedora servers, type:
sudo systemctl restart sshd
You have successfully learned how to set up passwordless ssh login to connect your remote server. We also show you how to disable SSH password authentication to add extra security level.
If you have any questions or feedback, leave a comment below.
Leave a Reply