Passwordless SSH Login in 3 Simple Steps

Filed Under: UNIX/Linux

SSH (Secure SHELL) is a secure opensource network protocol that allows users to log in securely to remote Linux systems and other network devices. In addition, the protocol is used for the transfer of files between Linux systems using Secure copy (SCP) protocol.

Usually, SSH prompts users for passwords before login. However, you can configure SSH Passwordless login to another remote Linux system from your Linux system. This enhances trust and comes in handy in cron jobs that require backup of files remotely using the SCP protocol.

In this guide, you will learn how to set up passwordless SSH login using ssh keys to increase trust between two servers.

Set up environment


ssh client      : 66.152.163.19 (Ubuntu 18.04)

ssh remote Host : 173.82.2.236  (CentOS 7)

Generate SSH keys on the client system ( 66.152.163.19 )

The first step in setting up a passwordless login is to generate ssh authentication keys in the client system. SSH keys are digital keys that create trust between Linux systems.

To generate the ssh keys execute the command.

$ ssh-keygen

You will be prompted for the file in which to save the key. Hit ‘Enter’ to save to the default location directory ( /root/.ssh)

Enter file in which to save the key (/home/user/.ssh/id_rsa):

Hit Enter.

Next, you will be prompted for a passphrase. This we are setting up a passwordless login, hit ‘Enter’ twice to skip.


Enter passphrase (empty for no passphrase):
Enter same passphrase again:

Hit ‘Enter’ on both occasions.

The full output is shown below.

Sample output

generate ssh keys using ssh-keygen

The ssh-keygen command generates both public and private ssh keys and stores them in /root/.ssh directory.

To verify run:

ls /root/.ssh

Sample output

Confirm Public And Private Keys

The public key is denoted by id_rsa.pub.

The private key is denoted by id_rsa.

Copying the ssh public key to the remote system (173.82.2.236)

The next step is to copy the public key to the remote Linux server. This will be achieved using the ssh-copy-id command as shown below.

ssh-copy-id remote_username@server_ip_address

In our example, the command will be:

ssh-copy-id root@173.82.2.236

You will be asked if you are sure you want to continue connecting. Type yes and hit ‘Enter’

The authenticity of host '173.82.2.236 (173.82.2.236)' can't be established.
ECDSA key fingerprint is SHA256:U4aOk0p30sFjv1rzgh73uhGilwJ2xtG205QFqzB9sns.
Are you sure you want to continue connecting (yes/no)? yes

Next, you will be prompted for the remote system’s password. Type the password and hit ‘Enter’

root@173.82.2.236's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@173.82.2.236'"
and check to make sure that only the key(s) you wanted were added.

The full output is shown below.

Passwordless SSH Login Script

The ssh public key will be saved at /root/.ssh/authorized_keys file on the remote system.

Logging in to the remote system

Having copied the public ssh key to the remote system, you can now log in without being prompted for a password as shown.

ssh server-ip-address

For our case, this will be:

ssh 173.82.2.236

Log In To Remote Server

And that’s how you set up a Passwordless SSH setup from a client Linux system to a remote Linux server.

  • Delete the public key from the client system. If you think that the private key is compromised, delete the public key from the remote server and set it up again.
  • The above SSH command works without giving user id because we are using the root user in both the servers. If you have set up passwordless login for some other user, please provide that in the SSH command too.

Leave a Reply

Your email address will not be published. Required fields are marked *

close
Generic selectors
Exact matches only
Search in title
Search in content
Search in posts
Search in pages