Looking to establish a secure connection between your client and server? Look no further than Secure Shell (SSH). As a popular cryptographic network protocol, SSH supports a variety of authentication mechanisms, including password-based and public key-based.
In this tutorial, we’ll guide you through the process of setting up SSH key-based authentication and demonstrate how you can connect to your Linux server without having to enter a password. Ensure the safety and security of your network with SSH.
How to Setup SSH Passwordless Login
To establish a password-free SSH login on Linux, simply generate a public authentication key and add it to the
~/.ssh/authorized_keys file on the remote host.
Follow the step-by-step process for configuring passwordless SSH login:
1. Check for existing SSH key pair:
To avoid overwriting existing SSH keys, it is recommended to check if an SSH key pair already exists on your client machine before generating a new one.
You can use the following
ls command to see if any SSH keys are present:
ls -al ~/.ssh/id_*.pub
If you find existing keys, you can choose to use them instead of generating a new one or back them up before generating a new key pair.
If the command returns
No such file or directory or
no matches found you can proceed with generating a new SSH key pair.
2. Make a new SSH key pair:
To generate a new 4096-bit SSH key pair with your email address as a comment, use the following command:
ssh-keygen -t rsa -b 4096 -C "[email protected]"
You can optimize the process by accepting the default file location and file name by pressing
Enter when prompted:
Output Enter file in which to save the key (/home/yourusername/.ssh/id_rsa):
ssh-keygen tool will also ask you if you want to use a passphrase for an extra layer of security. While it’s optional, using a passphrase is highly recommended for better protection. However, some developers and system administrators prefer not to use a passphrase for fully automated processes. If you choose not to use a passphrase, just press
Output Enter passphrase (empty for no passphrase):
This whole process will look like this:
To ensure the SSH keys are generated you can list new private and public keys with by the following command:
Output /home/yourusername/.ssh/id_rsa /home/yourusername/.ssh/id_rsa.pub
3. Copy the public key:
To enable passwordless login to your server after generating an SSH key pair, it’s essential to copy the public key to your server. The most convenient way to accomplish this task is by using the
To get started, launch your local machine terminal and input the following command:
After that, you’ll be asked to provide the remote_username password:
Output remote_username@server_ip_address's password:
After the user gets authenticated, the public key will then be appended to the remote user
authorized_keys file and the connection will be terminated.
In the event that ssh-copy-id is not available on your local computer, you can utilize the following command to copy the public key:
cat ~/.ssh/id_rsa.pub | ssh remote_username@server_ip_address "mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"
4. Login with SSH key :
Once you’ve completed the above steps you can easily log in to the remote server without being asked for any password.
Testing the connection is as easy as attempting to log in via SSH with the command:
If the process was successful, you’ll be granted immediate access to your server.
How to disable SSH Password Authentication
If you’re looking to improve the security of your server, consider disabling password authentication for SSH. Before doing so, ensure that you’re able to log in without a password and that the user you’re logging in with has
Check out how to configure
How To Create a Sudo User on Ubuntu or Debian
Once you’ve established secure login, connect to your remote server using SSH keys as a user with sudo privileges or root:
Search and modify the SSH configuration file
/etc/ssh/sshd_config by adding the following directives:
/etc/ssh/sshd_config PasswordAuthentication no ChallengeResponseAuthentication no UsePAM no
Save the changes and restart the SSH service.
For Ubuntu and Debian servers, enter the following command:
sudo systemctl restart ssh
For CentOS or Fedora servers, enter the following command:
sudo systemctl restart sshd
In this step-by-step guide, we showed you how to easily configure SSH key-based authentication, enabling hassle-free access to your remote server without the need for a user password. By using this technique, you can also streamline access to multiple remote servers using the same key.
Furthermore, we provided you with expert advice on how to increase the security of your server by disabling SSH password authentication and adding an additional layer of protection to your server.
If you still have any queries or suggestions regarding our tutorial, don’t hesitate to leave a comment below.