SSH login without a password

Here are my personal notes for logging into an ssh-enabled server using key-based authentication.

Step 1 – Generate keys

On your computer, enter the following in a shell prompt. A passphrase is optional.

local:~ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/localuser/.ssh/id_rsa): [ENTER]
Created directory '/home/localuser/.ssh'.
Enter passphrase (empty for no passphrase): [ENTER]
Enter same passphrase again: [ENTER]
Your identification has been saved in /home/localuser/.ssh/id_rsa.
Your public key has been saved in /home/localuser/.ssh/id_rsa.pub.
The key fingerprint is:2f:3a:14:35:2b:2a:24:2b:2d:bc:f8:79:78:ad:48:f9 localuser@localhost

Step 2 – Ensure correct permissions

On your computer, ensure the permissions are set correctly.

local:~ cd ~
local:~ chmod 700 .ssh
local:~ cd .ssh
local:~ chmod 600 id_rsa
local:~ chmod 640 id_rsa.pub

Step 3 – Remote setup

Login to the remote computer, create a .ssh directory, and ensure correct permissions.

local:~ ssh remote-user@remote.example.com
remote-user@remote.example.com's password: [type your password]
remote:~ mkdir .ssh
remote:~ chmod 700 .ssh
remote:~ cd .ssh
remote:~ touch authorized_keys
remote:~ chmod 600 authorized_keys
remote:~ exit

Step 4 – Upload your public key

local:~ cd ~
local:~ cat .ssh/id_rsa.pub | ssh remote-user@remote.example.com 'cat >> .ssh/authorized_keys'
remote-user@remote.example.com's password: [type your password for the last time]

Step 5 – Done!

local:~ ssh remote-user@remote.example.com
remote:~

Leave a Reply

Your email address will not be published. Required fields are marked *