How to Setup Password-less SSH on Linux

SSH, also known as “Secure Shell,” is an open-source protocol used to log in to a remote Linux server. It is used by the system and network administrators to manage Linux servers from a remote location. It is also used to transfer files between multiple Linux systems. There are two ways to log in to a remote Linux system: using password authentication and key-based authentication. Key-based authentication is more secure than passwords because only a user with valid keys can log in to Linux.

In this post, we will show you how to set up password-less SSH on Linux.

Step 1 – Generate an SSH Key

First, you will need to generate an SSH key pair on the machine where you are working.

You can generate it using the following command:

ssh-keygen -t rsa

You will be asked to specify the location to store the key as shown below:

Enter file in which to save the key (/home/vyom/.ssh/id_rsa): 

Just press Enter and accept the default path. You will be asked to set a passphrase as shown below:

Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 

Just press Enter without providing any passphrase. You should see the following output:

Your identification has been saved in /home/vyom/.ssh/id_rsa.
Your public key has been saved in /home/vyom/.ssh/id_rsa.pub.
The key fingerprint is:
ec:50:43:d9:39:64:f8:19:63:18:ab:1c:e4:ea:f5:e7 vyom@newpc
The key's randomart image is:
+--[ RSA 2048]----+
|      . oBo.     |
|     o .+oB      |
|      o +o =     |
|     o = .o      |
|    . = S        |
|   . . +         |
|    .   o .      |
|         o       |
|          E      |
+-----------------+

Now, verify your SSH key using the following command:

ls -la ~/.ssh/id_*.pub

You should see the following output:

-rw-r--r-- 1 vyom vyom 392 Sep  8 14:34 /home/vyom/.ssh/id_rsa.pub

Step 2 – Copy SSH Public Key to Remote Server

Now, you will need to copy your public key to the remote server. You can do it using the ssh-copy-id command:

ssh-copy-id [email protected]

You will be asked to provide a root password of a remote server to copy a public key:

[email protected]'s password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.

Step 3 – Connect Remote Server without Password

At this point, the SSH key is generated and copied to the remote server. You can now connect to the remote server without providing a password:

ssh [email protected]

Once you are connected, you should see the following output:

Welcome to Ubuntu 20.04 LTS (GNU/Linux 5.4.0-29-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

Last login: Wed Sep  8 07:50:27 2021 from 106.222.86.57
root@ubuntu:~# 

Step 4 – Remove Password-based Authentication

At this point, SSH key-based authentication is configured successfully. Now, it is recommended that you disable the use of password authentication so that everyone only uses keys to access the server.

On the remote Linux server, edit the SSH main configuration file:

nano /etc/ssh/sshd_config

Uncomment and change the following line:

PasswordAuthentication no

Save and close the file, then restart the SSH service to apply the changes:

systemctl restart ssh

Conclusion

In the above guide, you learned how to set up SSH password-less authentication on Linux. You can now implement SSH key-based authentication for each server that you want to manage remotely. Try it today on VPS hosting from Atlantic.Net.