SSH, also known as “Secure Shell,” is an open-source protocol used to log in to a remote Linux server. It is used by the system and network administrators to manage Linux servers from a remote location. It is also used to transfer files between multiple Linux systems. There are two ways to log in to a remote Linux system: using password authentication and key-based authentication. Key-based authentication is more secure than passwords because only a user with valid keys can log in to Linux.
In this post, we will show you how to set up password-less SSH on Linux.
Prerequisites
- A Linux server on the Atlantic.Net Cloud Platform
- A root password configured on your server
Step 1 – Create Atlantic.Net Cloud Server
First, log in to your Atlantic.Net Cloud Server. Create a new server, choosing Ubuntu, CentOS, or Rocky Linux as the operating system with at least 2GB RAM. Connect to your Cloud Server via SSH and log in using the credentials highlighted at the top of the page.
Once you are logged in to your server, run the following command to update your base system with the latest available packages.
apt-get update -y
Or
dnf update -y
Step 2 – Generate an SSH Key
First, you will need to generate an SSH key pair on the machine where you are working.
You can generate it using the following command:
ssh-keygen -t rsa
You will be asked to specify the location to store the key as shown below:
Enter file in which to save the key (/home/vyom/.ssh/id_rsa):
Just press Enter and accept the default path. You will be asked to set a passphrase as shown below:
Enter passphrase (empty for no passphrase): Enter same passphrase again:
Just press Enter without providing any passphrase. You should see the following output:
Your identification has been saved in /home/vyom/.ssh/id_rsa. Your public key has been saved in /home/vyom/.ssh/id_rsa.pub. The key fingerprint is: ec:50:43:d9:39:64:f8:19:63:18:ab:1c:e4:ea:f5:e7 [email protected] The key's randomart image is: +--[ RSA 2048]----+ | . oBo. | | o .+oB | | o +o = | | o = .o | | . = S | | . . + | | . o . | | o | | E | +-----------------+
Now, verify your SSH key using the following command:
ls -la ~/.ssh/id_*.pub
You should see the following output:
-rw-r--r-- 1 vyom vyom 392 Sep 8 14:34 /home/vyom/.ssh/id_rsa.pub
Step 3 – Copy SSH Public Key to Remote Server
Now, you will need to copy your public key to the remote server. You can do it using the ssh-copy-id command:
ssh-copy-id [email protected]
You will be asked to provide a root password of a remote server to copy a public key:
[email protected]'s password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh '[email protected]'" and check to make sure that only the key(s) you wanted were added.
Step 4 – Connect Remote Server without Password
At this point, the SSH key is generated and copied to the remote server. You can now connect to the remote server without providing a password:
ssh [email protected]
Once you are connected, you should see the following output:
Welcome to Ubuntu 20.04 LTS (GNU/Linux 5.4.0-29-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage Last login: Wed Sep 8 07:50:27 2021 from 106.222.86.57 [email protected]:~#
Step 5 – Remove Password-based Authentication
At this point, SSH key-based authentication is configured successfully. Now, it is recommended that you disable the use of password authentication so that everyone only uses keys to access the server.
On the remote Linux server, edit the SSH main configuration file:
nano /etc/ssh/sshd_config
Uncomment and change the following line:
PasswordAuthentication no
Save and close the file, then restart the SSH service to apply the changes:
systemctl restart ssh
Conclusion
In the above guide, you learned how to set up SSH password-less authentication on Linux. You can now implement SSH key-based authentication for each server that you want to manage remotely. Try it today on VPS hosting from Atlantic.Net.
