How to Configure Passwordless SSH Login in Linux

Oct 8, 2015 Linux

Secure Shell (SSH), besides standard password authentication, gives us the possibility to authenticate using private – public key relation. This allows us access remote systems without typing the password each time we want to connect and the connection is still secure. This method is based on generation of two keys: private key (kept private on our local host), public key (given to any remote host we want to connect to passwordless).

Steps:

1. Generate private/public key pair on local host

Press ENTER when prompted for passphrase:

[tuxfixer@pinky ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/tuxfixer/.ssh/id_rsa): 
Created directory '/home/tuxfixer/.ssh'.
Enter passphrase (empty for no passphrase): (press ENTER)
Enter same passphrase again: (press ENTER)
Your identification has been saved in /home/tuxfixer/.ssh/id_rsa.
Your public key has been saved in /home/tuxfixer/.ssh/id_rsa.pub.
The key fingerprint is:
7a:0d:94:b4:19:6f:54:c2:70:c6:0e:a4:33:ce:1f:4b tuxfixer@pinky
The key's randomart image is:
+--[ RSA 2048]----+
|       .=+=..    |
|       o.Xo.     |
|      + =oo      |
|     o + ..      |
|      o E        |
|       + =       |
|      . + .      |
|       .         |
|                 |
+-----------------+

2. Copy public key from local host to the destination remote host

[tuxfixer@pinky ~]$ ssh-copy-id -i /home/tuxfixer/.ssh/id_rsa.pub tuxfixer@192.168.2.26
The authenticity of host '192.168.2.26 (192.168.2.26)' can't be established.
ECDSA key fingerprint is 51:74:c0:fb:7b:5d:6a:f4:13:ce:71:e8:e9:e1:2c:51.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
tuxfixer@192.168.2.26's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'tuxfixer@192.168.2.26'"
and check to make sure that only the key(s) you wanted were added.

3. Test passwordless connection

You shouldn’t be prompted for password anymore:

[tuxfixer@pinky ~]$ ssh tuxfixer@192.168.2.26
Last login: Thu Oct  8 01:06:02 2015 from 192.168.2.9
[tuxfixer@elmo ~]$

Grzegorz Juszczak

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.