Access your Linode via SSH using Public Key authentication. It is recommended to use SSH key-based authentication as it is more secure and removes the overhead of typing passwords all the time.
Private keys allow the users to login to SSH without a password. This is considered a safe practice in some cases while also discards the need to remember multiple passwords.
In this tutorial, we would learn how to generate our own SSH Key Pair on our local machine and then configure our Server to use the same for authentication when trying to connect over SSH.
Steps to Login to SSH Without A Password
Let’s go over the process step-by-step to login to SSH without a password. If you’re new, you can start by reading more about how to connect to a remote host using SSH. If you’re ready, let’s get started.
Step 1: Generate SSH Key Pair
On our local machine, we can generate a SSH Key Pair with the following command :
Use Key Steam
On execution, we are prompted to specify a file in which to save the private key, the default being /home/user/.ssh/id_rsa ; here id_rsa is the name of our Private Key file. You can always specify a different path and name for the Private Key file. For our demonstration, we shall use the default configuration.
Step 2: Provide A Passphrase (Optional)
Next, we are presented with a prompt that asks us for a passphrase that can be used to protect the SSH Private Key from unauthorized access.
However, this field is optional and if left empty, it stores the Private Key file without any protection. In our example, we would leave this field empty. After this, we would have successfully generated our Key Pair. We are also presented with a ‘fingerprint’ and ‘visual fingerprint’ of our key which we need not save.
Step 3: Configure the Server To Use Our Private Key
At this point, we should have the following two files under /home/user/.ssh :
- id_rsa : Our SSH Private Key
- id_rsa.pub : Our SSH Public Key
Take note of the permissions of the private key ( id_rsa ). SSH Private Key files should ALWAYS HAVE 600 PERMISSIONS! If not, change its permission to the said value using the chmod command:
Next, we need to configure our Server to use our private key for login. Now this can be done manually by logging into the Server and configuring stuff manually but there’s a tool ssh-copy-id which does all the hard work for us !
Hence, to configure our Server to use our private key, simply run :
Ssh Using Rsa Key
Here,
- USER is the username we want to login as onto the server
- IP is the IP address of our Server
Use Keys To Paste
And with that, we can now simply SSH into our Server with :
If you had previously specified a passphrase, you will get a prompt asking for the same :
Note that if you are not using the default path and file names then you need to specify the private key file using the -i flag as follows :
Ssh Use Key File
Thus we successfully SSH’d into our machine using our PRIVATE KEY !
Use Keys To Copy
Conclusion
And with that, we were able to login to SSH without a password on our Linux machine. It’s an easy and more secure way of logging in as it locks you to log in from specific IP addresses. If you’re interested in learning more on Linux topics, continue to follow LinuxForDevices.