SSH Login Without Password (Linux)

Public key authentication can allow you to log into remote systems via SSH without a password.  Even though you will not need a password to log into a system, you will need to have access to the key.  Be sure to keep your key in a secure location.

Here is an example of creating a passwordless connection from linuxsvr01 to linuxsvr02 using SSH public key authentication.

1. Create an SSH Key Using ssh-keygen

Use the ssh-keygen command to create an SSH key.  Accept all the defaults by pressing ENTER at every prompt.  You’ll want to leave the passphrase empty.

linuxsvr01$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
b2:ad:a0:80:85:ad:6c:16:bd:1c:e7:63:4f:a0:00:15 user@host
The key's randomart image is:
+---[RSA 2048]----+
|           . o + |
|         = X * . |
|      . O @ = . .|
|     + o X O . + |
|   . = S * = o   |
| . ..o . . o .   |
|     + .o. E     |
|      + ...o.    |
|     . . ooo+.   |
+----[SHA256]-----+
linuxsvr01$

Note: You can optionally add a passphrase for the key itself.  If you do use a passphrase, then you will have to use an ssh-agent to cache the passphrase.  While the passphrase is cached you can connect without entering in the passphrase.

2. Copy the SSH Public Key to the Remote Host with ssh-copy-id

linuxsvr01$ ssh-copy-id root@linuxsvr02
root@linuxsvr02's password:
linuxsvr01$

Optional: Manually Copy the SSH Public Key to the Remote Host

If you get a “command not found” error when attempting the “ssh-copy-id” command, you’ll need to manually copy the SSH public key to the remote host.

Display the contents of the SSH Public Key.

linuxsvr01$ cat ~/.ssh/id_rsa.pub
ssh-rsa LONG_STRING_OF_CHARACTERS user@domain

Copy the output of the cat command. (NOTE: The SSH public key is the entire line starting with and including “ssh-rsa”.)

Append the SSH public key to the authorized_keys file on remote host.

linuxsvr01$ ssh root@linuxsvr02
linuxsvr02# mkdir ~/.ssh
linuxsvr02# echo THE_PUBLIC_KEY_STRING >> ~/.ssh/authorized_keys
linuxsvr02# chmod -R 600 ~/.ssh
linuxsvr02# exit
linuxsvr01$

3. Login to the Remote Host Without a Password

Now you can connect to the server without a password.

linuxsvr01$ ssh root@linuxsvr02
Last login: Tue Apr 22 11:35:41 2016 from 10.23.45.67
linuxsvr02#
Download the Linux Networking Cheat Sheet
Get a nicely formatted and ready-to-print PDF copy of the Linux Networking Cheat Sheet by entering your email address below:
We respect your privacy.
Download My Linux Cheat Sheet!
Enter your email address below to download this Linux command line cheat sheet in an easy-to-read and ready-to-print format.
We respect your privacy.