SSH, also known as a “Secure Shell Protocol,” is a protocol used to access a remote Linux system securely over an unsecured network via the command-line interface. SSH allows users to run commands on remote Linux servers, install and remove software packages, and manage everything via command line from a single place.
If you are a Linux system administrator and managing multiple servers via SSH, then you may need to provide a root password each time when you connect to the remote server. Remembering passwords for thousands of servers is very difficult for an administrator. In this case, you can use an SSH public and private key pair to connect remote servers without entering a password.
In this post, we will show you how to create a public and private key and set up a Linux server for passwordless login.
Create a Public and Private SSH Key Pair
First, you will need to create a public and private key in your local Linux machine. You can use the ssh-keygen command to generate an RSA key pair.
ssh-keygen -t rsa
You will be asked to define the path to save the key files:
Generating public/private rsa key pair. Enter file in which to save the key (/home/vyom/.ssh/id_rsa):
Just press the Enter key to save the key files in the default location. You will be asked to set a passphrase:
Enter passphrase (empty for no passphrase):
Just press the Enter key to leave it empty. Once the key files are generated, you will get the following output:
Your identification has been saved in /home/vyom/.ssh/id_rsa. Your public key has been saved in /home/vyom/.ssh/id_rsa.pub. The key fingerprint is: SHA256:Osc1pEf3PGhYBuDiofx7GG6qbjo1+6Z4rxdcTxdeYsg vyom@vyompc The key's randomart image is: +---[RSA 2048]----+ | ..o. | | .E +.. | | o .oo++ | | . o.o.+o= + | | .o..oS.= o + | | o o..o.o o . | | . o o+oo | |..+ o ++. | |o*=O+o.. | +----[SHA256]-----+
You can now list both public and private key files using the following command:
ls -l .ssh/
You will get both files in the following output:
-rw------- 1 vyom vyom 1679 Apr 13 10:16 id_rsa -rw-r--r-- 1 vyom vyom 393 Apr 13 10:16 id_rsa.pub -rw-r--r-- 1 vyom vyom 8212 Apr 13 09:36 known_hosts
Also Read
How to Setup Password-less SSH on Linux
Copy SSH Public Key to the Remote Server
Next, you will need to copy the public key (id_rsa.pub) file to the remote server that you want to manage from your local machine.
You can run the ssh-copy-id command to copy the public key to the remote server:
ssh-copy-id root@remote-server-ip
You will be asked to provide the password of the remote server to copy the public key to the remote server:
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys [email protected]'s password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh '[email protected]'" and check to make sure that only the key(s) you wanted were added.
Also Read
How to Secure SSH Service with Port Knocking
Connect to Remote Server Without Password
At this point, the public key is copied to the remote server. You are now able to connect to the remote server without providing a password.
ssh root@your-server-ip
Once you are logged in to the remote server, you will get the following output:
Activate the web console with: systemctl enable --now cockpit.socket Last failed login: Wed Apr 13 04:39:07 UTC 2022 from 92.255.85.135 on ssh:notty There were 2 failed login attempts since the last successful login. Last login: Wed Apr 13 04:06:28 2022 from 27.61.243.122 [root@linux ~]#
Conclusion
In this post, we explained how to create the public and private keys, copied the public key to a remote server, and accessed the remote Linux server without a password. Hopefully, this will save you a lot of time while managing multiple remote servers. Try it on VPS hosting from Atlantic.Net!