As we all know, SSH is secure shell protocol which is used to securely communicate with other systems on the network. There are many chances that you want to automate tasks, such as synchronization files between two systems, automatic backup between two or more systems using your own scripts. In such cases, the two systems must be login to each other without having to enter the password manually by the user. In this brief guide, we are going to configure passwordless SSH login in Unix-like systems. That means, we don't need to enter the password when we SSH to other system on the network.
Table of Contents
Configure Passwordless SSH Login In Linux
For the purpose of this guide, we will be using two systems running with CentOS and Ubuntu. CentOS is the remote system, and Ubuntu is my local system.
Here is the my local and remote system's details.
Local host:
- OS : Ubuntu 16.04 LTS 64-bit server
- IP address : 192.168.43.2/24
Remote host:
- OS : CentOS 7 64-bit server
- IP address : 192.168.43.150/24
I want to access the CentOS system (remote system) from Ubuntu (local system) via SSH without entering the password. Let us see how to do it.
Make sure openssh is installed on both systems. If it is not installed by any chance, you can install openssh using you distribution's package manager. The following command will install openssh on Ubuntu-based systems:
sudo apt-get install openssh
And, the following command will install openssh in CentOS and other RPM based systems:
sudo yum install openssh
Generate SSH keypair on local system
ssh-keygen creates a keypair, private and public keys. The private key should be kept secret. You shouldn't disclose it to anyone else. And, the public key should be shared with the remote systems that you want to access via ssh.
Important note: Do not generate keypair as root, as only root would be able to use those keys. Create key pairs as normal user.
Run the following command in local system (Ubuntu in my case) to generate the keypair.
ssh-keygen
The above command will create 2048 bit RSA key pair. Do not enter any passphrase. Just hit ENTER key and continue with default values.
Sample output:
Generating public/private rsa key pair. Enter file in which to save the key (/home/sk/.ssh/id_rsa): #Press ENTER Created directory '/home/sk/.ssh'. Enter passphrase (empty for no passphrase): #Press ENTER Enter same passphrase again: #Press ENTER Your identification has been saved in /home/sk/.ssh/id_rsa. Your public key has been saved in /home/sk/.ssh/id_rsa.pub. The key fingerprint is: SHA256:7TN6N0H6lWmvkQ8jkkJ6mk/CzLgJ1xqLKs6IYih22tE sk@ubuntuserver The key's randomart image is: +---[RSA 2048]----+ | | | | | | | . . | | S .o o | | .* o .... =. | |. ..+EB + *..+=. | |Oo.=.* * o.++. =.| |@=+.= o.o. . ....| +----[SHA256]-----+
In case you have already created the key pair, you will see the following message. Just type “y” to create overwrite the existing key .
/home/username/.ssh/id_rsa already exists. Overwrite (y/n)?
Now, we have created the key pair in the client system. Now, copy the SSH public key to the remote system that you want to access via SSH.
In my case, I want to access my remote system which is running with CentOS. So, I ran the following command to copy my public key to the remote system:
ssh-copy-id ostechnix@192.168.43.150
ssh-copy-id command is used to copy the local host’s public key to the remote host’s authorized_keys file. Here, I am copying my local(Ubuntu) system’s public key to the remote system (CentOS in my case). Technically speaking, the above command will copy the contents of client system’s ~/.ssh/id_rsa.pub key into remote system’s ~/.ssh/authorized_keys file. Clear? Good.
Type yes to continue connecting to your remote SSH server. And, then Enter the user’s password of the remote system.
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/sk/.ssh/id_rsa.pub" The authenticity of host '192.168.43.150 (192.168.43.150)' can't be established. ECDSA key fingerprint is SHA256:U7I0O1OOzzbHFlhIG0HoGDr1usHzLBju6Jmr6bUB9Es. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys ostechnix@192.168.43.150's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'ostechnix@192.168.43.150'" and check to make sure that only the key(s) you wanted were added.
We have successfully added the SSH public key to the remote SSH server.
Now, try to ssh the remote system from the local system:
ssh ostechnix@192.168.43.150
Now, It won't ask you to enter any password to access that remote system.
As you can see, I can now be able to access my remote system without entering the password.
Also Read: How To Configure SSH Key-based Authentication In Linux
And, that's all for now. I hope you have now learned how to configure passwordless SSH login in Linux. If you find this guide useful, please share it on your social, professional networks and support OSTechNix. We will be posting more useful guides every day. Keep visiting!
Cheers!
Thanks for stopping by!
Help us to help you:
- Subscribe to our Email Newsletter : Sign Up Now
- Support OSTechNix : Donate Via PayPal
- Download free E-Books and Videos : OSTechNix on TradePub
- Connect with us: Facebook | Twitter | Google Plus | LinkedIn | RSS feeds
Have a Good day!!
