If you are accessing a remote server frequently, it is convenient for you to be able to SSH to the remote host without entering an SSH password. Passwordless SSH login is even more useful when you are using SSH for non-interactive purposes, for example, for filesystem mount, offsite backup, etc. Also, many distributed systems or cloud orchestration layers (e.g., OpenStack) leverage password-less SSH authentication to control remote compute nodes.
If you want to log in to a remote SSH server without entering an SSH password, you can instead use key-based authentication, where you install your public key on a remote server a priori, and then log in to the server non-interactively by presenting your private key as an authentication key.
Here is how to enable SSH login without entering an SSH password.
Assume that you are a user account alice on host1, and wish to ssh to host2 as user bob, without entering the bob's password.
First, you need to be logged in as user alice on host1.
Generate a public/private RSA key pair by using ssh-keygen command.
The generated key pair (id_rsa and id_rsa.pub) will be stored in ~/.ssh directory.
Next, you need to install the generated public key (~/.ssh/id_rsa.pub) of alice to the remote server host2 under the bob account. This can be achieved by ssh-copy-id command as follows.
You will then be asked to enter the bob's password. Once you enter the bob's password, the alice's public key will be installed on the remote server host2.
From this point on, you no longer need to type in the bob's password when you SSH from alice@host1 to bob@host2.
1. You are still asked for an SSH password even after enabling key authentication. In this case, check for system logs (e.g., /var/log/secure) to see if you see something like the following.
Authentication refused: bad ownership or modes for file /home/aliceB/.ssh/authorized_keys
In this case, failure of key authentication is due to the fact that the permission or ownership ~/.ssh/authorized_keys file is not correct. Typically this error can happen if ~/.ssh/authorized_keys is read accessible to anyone but yourself. To fix this problem, change the file permission as follows.
Subscribe to Xmodulo
Do you want to receive Linux FAQs, detailed tutorials and tips published at Xmodulo? Enter your email address below, and we will deliver our Linux posts straight to your email box, for free. Delivery powered by Google Feedburner.
Did you find this tutorial helpful? Then please be generous and support Xmodulo!