Morioh
Login
Annalise Hyatt

Annalise Hyatt

3 years ago

2 Simple Steps to Set up Passwordless SSH Login on Ubuntu

This tutorial explains how to set up passwordless SSH login on an Ubuntu desktop. There’re basically two ways of authenticating user login with OpenSSH server: password authentication and public key-based authentication. The latter is also known as passwordless SSH login because you don’t have to enter your password.

2 Simple Steps to Set Up Passwordless SSH Login

Step 1: Generate a Public/Private Keypair on Your Ubuntu Desktop

On your Ubuntu desktop (not your server), enter the following command in a terminal window.

ssh-keygen -t rsa

-t stands for type. The above command generates a RSA type keypair. RSA is the default type, so you can also type ssh-keygen in terminal. By default the key is 2048 bits long, if you prefer stronger security then you can specify a 4096 bits key like below.

ssh-keygen -t rsa -b 4096

When asked which file to save the key, you can simply press Enter to select the default file. Next, enter a good passphrase that is at least 20 characters long. The passphrase is used to encrypt the private key. The private key (your identification) will be save in** .ssh/id_rsa** under your home directory. The public key will be save in the .ssh/id_rsa.pub file.

passwordless ssh login

From the randomart image we can see the length of the key (RSA 4096). And if you take a look at the ~/.ssh/id_rsa file with

head ~/.ssh/id_rsa

You can see that the private key is encrypted, as indicated by the first two lines of the private key file.

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED

Step 2: Upload Your Public Key to Remote Linux Server

This can be easily done with ssh-copy-id command, which is shipped by the openssh-client package.

ssh-copy-id remote-user@server-ip

Enter the remote user’s password. Sample output:

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
remote-user@server-ip's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'remote-user@server-ip'"
and check to make sure that only the key(s) you wanted were added.

The public key is stored in .ssh/authorized_keys file under the remote user’s home directory. Now ssh into the remote server

ssh remote-user@server-ip

This time you need to enter your RSA** key** passphrase to unlock the private key. You can also select automatic unlocking the key when logging in so you don’t have to enter passphrase anymore.

#linux server #openssh #public key authentication #security #ssh key #ssh passwordless login #ubuntu

2 Simple Steps to Set up Passwordless SSH Login on Ubuntu
1.35 GEEK