Table of Contents
Secure remote access is essential for efficient server management and system administration. One of the most effective ways to achieve secure remote access is by setting up passwordless SSH. In this tutorial, we’ll walk you through two methods to set up passwordless SSH: the manual method and the ssh-copy-id method.
In today’s digital landscape, secure remote access is crucial for efficient and safe management of servers and systems. One effective way to achieve this is by setting up passwordless SSH, which allows you to log in to a remote server without the need for a password. Let’s get started!
Step 1: Create SSH Key Pair for passwordless authentication
The first step is to generate a public and private key pair on your local machine. To generate an SSH key pair, run the following command in the terminal:
$ ssh-keygen -t rsaIt will prompt you to enter a filename and a passphrase. The default filename is “id_rsa” and the default location is “~/.ssh/”. You can accept the defaults and pressing enter.
Output
Generating public/private rsa key pair.
Enter file in which to save the key (/home/vishal/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/vishal/.ssh/id_rsa
Your public key has been saved in /home/vishal/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:bNZerfghtmqpJlotvdoD3OPZ/TmhnwdL76v9Uxvz1AQ vishal@devmachine
The key's randomart image is:
+---[RSA 3072]----+
| |
| |
| . |
| . = R |
| . . T + ..|
| ooo + ++ o=|
| o++= o.o = +=|
|...o*.+oo o+o ...|
|o++++o...o*=+o.. |
+----[SHA256]-----+Step 2: Copy the Public Key to the target Server
Once you have generated the key pair, you need to copy the public key to the remote server. You can do this using the “ssh-copy-id” command or you can directly add key into known host file, where “ssh-copy-id” command is not included in Linux distribution.
a. Using “ssh-copy-id”
ssh-copy-id username@remote-host Replace “username” with your username on the remote server and “remote-host” with the IP address or hostname of the remote server.
The “ssh-copy-id” command will prompt you for the password of the remote user account. Enter the password to copy the public key to the remote server.
b. Using manual copy method
cat ~/.ssh/id_rsa.pub | ssh username@remote_server_ip "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"Replace username with your username on the remote server, and remote_server_ip with the IP address or hostname of the remote server. Enter your password when prompted.
Step 3: Login to the target server to test the key is setup successfully
Replace “username” with your username on the remote server and “remote-host” with the IP address or hostname of the remote server.
If everything is configured correctly, you should be logged in to the remote server without being prompted for a password.
Troubleshooting Tips
If the passwordless login does not work, check the following:
- Make sure the public key is copied to the correct location on the remote server. The public key should be located in the “~/.ssh/authorized_keys” file of the remote user’s home directory.
- Make sure the permissions on the “~/.ssh/” directory and “~/.ssh/authorized_keys” file are set correctly. The directory should have permissions of 700 and the file should have permissions of 600.
- Make sure the SSH server on the remote server is configured to allow public-key authentication. Check the “sshd_config” file in the “/etc/ssh/” directory and make sure the “PubkeyAuthentication” option is set to yes.
Summary
Setting up passwordless SSH login on Linux is a simple and secure way to access your remote servers. By using public-key authentication, you can eliminate the need to type in your password every time you log in to a remote server. Follow the steps outlined in this article to set up passwordless SSH login and enjoy the convenience and security it provides.