Passwordless SSH Login in 3 Simple Steps

SSH (Secure SHELL) is a secure opensource network protocol that allows users to log in securely to remote Linux systems and other network devices. In addition, the protocol is used for the transfer of files between Linux systems using Secure copy (SCP) protocol.

Usually, SSH prompts users for passwords before login. However, you can configure SSH Passwordless login to another remote Linux system from your Linux system. This enhances trust and comes in handy in cron jobs that require backup of files remotely using the SCP protocol.

In this guide, you will learn how to set up passwordless SSH login using ssh keys to increase trust between two servers.

Set up environment

Copy
ssh client      : 66.152.163.19 (Ubuntu 18.04)

ssh remote Host : 173.82.2.236  (CentOS 7)

Generate SSH keys on the client system ( 66.152.163.19 )

The first step in setting up a passwordless login is to generate ssh authentication keys in the client system. SSH keys are digital keys that create trust between Linux systems.

To generate the ssh keys execute the command.

Copy
$ ssh-keygen

You will be prompted for the file in which to save the key. Hit ‘Enter’ to save to the default location directory ( /root/.ssh)

Copy
Enter file in which to save the key (/home/user/.ssh/id_rsa):

Hit Enter.

Next, you will be prompted for a passphrase. This we are setting up a passwordless login, hit ‘Enter’ twice to skip.

Copy
Enter passphrase (empty for no passphrase):
Enter same passphrase again:

Hit ‘Enter’ on both occasions.

The full output is shown below.

Sample output

The ssh-keygen command generates both public and private ssh keys and stores them in /root/.ssh directory.

To verify run:

Copy
ls /root/.ssh

Sample output

The public key is denoted by id_rsa.pub.

The private key is denoted by id_rsa.

Copying the ssh public key to the remote system (173.82.2.236)

The next step is to copy the public key to the remote Linux server. This will be achieved using the ssh-copy-id command as shown below.

Copy
ssh-copy-id remote_username@server_ip_address

In our example, the command will be:

Copy
ssh-copy-id root@173.82.2.236

You will be asked if you are sure you want to continue connecting. Type yes and hit ‘Enter’

Copy
The authenticity of host '173.82.2.236 (173.82.2.236)' can't be established.
ECDSA key fingerprint is SHA256:U4aOk0p30sFjv1rzgh73uhGilwJ2xtG205QFqzB9sns.
Are you sure you want to continue connecting (yes/no)? yes

Next, you will be prompted for the remote system’s password. Type the password and hit ‘Enter’

Copy
root@173.82.2.236's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@173.82.2.236'"
and check to make sure that only the key(s) you wanted were added.

The full output is shown below.

The ssh public key will be saved at /root/.ssh/authorized_keys file on the remote system.

Logging in to the remote system

Having copied the public ssh key to the remote system, you can now log in without being prompted for a password as shown.

Copy
ssh server-ip-address

For our case, this will be:

Copy
ssh 173.82.2.236

And that’s how you set up a Passwordless SSH setup from a client Linux system to a remote Linux server.

• Delete the public key from the client system. If you think that the private key is compromised, delete the public key from the remote server and set it up again.
• The above SSH command works without giving user id because we are using the root user in both the servers. If you have set up passwordless login for some other user, please provide that in the SSH command too.

About Pankaj

I love Open Source technologies and writing about my experience about them is my passion. You can connect with me directly on Facebook, Twitter, and YouTube.