Tutorial on PasswordLess SSH in Linux
SSH is a protocol used for encrypting communication between a server and a client. The telnet protocol has been replaced with this. And most Linux distributions come with SSH by default. The cryptographic protocol allows you to manage machines, copy, or move files to and from remote servers via encrypted channels. Logging into a remote system via SSH can be done two ways, with passwords or with public-key authentication (passwordless SSH login).
Here, we discuss the second method of authentication, which is public-key authentication (passwordless SSH login).
Utilizing public/private keys as authentication provides the following advantages:
- The server won’t ask you for a password every time you access it.
- It is impossible for any unauthorized person to gain access to your server unless they have the right key.
So lets begin,
Step 1: Create keys on the Local machine
# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:fHriTAQVNPywHDfT3DV3LQChUSXavB2VyfTdfg96/Ys
Step 2: Public key to remote host
# ssh-copy-id -i ~/.ssh/id_rsa.pub user@remote-host
user@remote-hosts's password:
# cat ~/.ssh/id_rsa.pub | ssh user@remote-host "cat >> ~/.ssh/authorized_keys"
Step 3: Verify correct permissions
drwx------. 25 vpsie oinstall 4096 Aug 21 11:01 /home/vpsie/
drwx------. 2 vpsie oinstall 4096 Aug 17 13:13 /home/vpsie/.ssh
-rw-------. 1 vpsie oinstall 420 Aug 17 13:13 /home/vpsie/.ssh/authorized_keys
# chmod 600 ~/.ssh/authorized_keys
chmod 700 ~/.ssh/
To make sure the changes take effect, restart the sshd service:
# service sshd restart
In another case, SELinux may also interfere with sshd ability to access the ~/.ssh file on the server. By performing restorecon on the remote user’s */.ssh directory, you can determine the problem:
# restorecon -Rv ~/.ssh
That’s it
We hope this tutorials was informative for you!