How to Configure SSH Passwordless Login on openSUSE 15.3

One of the well-known and generally accepted OpenSSH best security practices is to configure and use public key authentication a.k.a passwordless authentication. Although this approach is fundamentally for security, on a lighter note, it also allows for ease of use because of not having to type a password every time you attempt to log on to your server.

This guide will walk you through the required steps to configure SSH passwordless authentication as well as disable password authentication on openSUSE 15.3.

Testing Environment:

  • Local Ubuntu with ssh client – 192.168.56.1
  • Remote openSUSE 15.3 server – 192.168.56.101

Step 1: Generate SSH Public/Private Key Pair

To create the key pair, use the ssh-keygen command with the -t flag to specify the key type. If used without any arguments, a 2048-bit RSA key will be generated. By default, the private key will be stored under the ~/.ssh/id_rsa directory and the public key under ~/.ssh/id_rsa.pub.

Note that you can generate a key pair with a custom name. Additionally, if you intend to use the key pair for interactive login, you can set a passphrase (synonymous with a password for accessing and using the key) while generating the key pair.

$ ssh-keygen
Generate SSH Key Pair
Generate SSH Key Pair

Now confirm that the key pair has been generated under the ~/.ssh directory using the ls command as shown.

$ ls -la .ssh/my_key*
Confirm SSH Key Pair
Confirm SSH Key Pair

Step 2: Upload SSH Key to Remote openSUSE Server

Next, upload the public key to the remote openSUSE server using the ssh-copy-id command as follows. Use the -i flag to specify the path to the public key and enter your ssh password when prompted:

$ ssh-copy-id -i .ssh/my_key.pub  [email protected]

Tip: If you get the “Received disconnect from 192.168.56.101 port 22:2: Too many authentication failures, Disconnected from 192.168.56.101 port 22” error, use the IdentitiesOnly=yes option as described in the following command.

$ ssh-copy-id -i .ssh/my_key.pub -o IdentitiesOnly=yes  [email protected]
Copy SSH Key to Remote openSUSE
Copy SSH Key to Remote openSUSE

Step 3: Connect to openSUSE Without SSH Passwordless

Now verify remote passwordless login to the openSUSE server. Try to log on with your private key as follows. Enter your passphrase whenever you are prompted to provide it.

$ ssh -i .ssh/my_key [email protected]
Connect to openSUSE Without SSH Password
Connect to openSUSE Without SSH Password

Step 4: Disable SSH Password Authentication

Caution: Ensure that you have set up and successfully tested passwordless authentication before disabling password authentication, otherwise you risk locking yourself out of the openSUSE server.

To disable password authentication, make sure the PasswordAuthentication and ChallangeResponseAuthentication configuration directives are set to no and UsePAM is set to yes as shown in the following screenshot.

Disable SSH Password Authentication
Disable SSH Password Authentication

Save the recent settings and restart the sshd daemon/service as shown.

$ sudo systemctl restart sshd

From now on, any user on the openSUSE server who tries to log on with password authentication will encounter the error shown in the following screenshot.

SSH Permission Denied Error
SSH Permission Denied Error

That’s all for now. To seek more information about this subject, reach us via the feedback form below.

Hey TecMint readers,

Exciting news! Every month, our top blog commenters will have the chance to win fantastic rewards, like free Linux eBooks such as RHCE, RHCSA, LFCS, Learn Linux, and Awk, each worth $20!

Learn more about the contest and stand a chance to win by sharing your thoughts below!

Aaron Kili
Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge.

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)
Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.

Got Something to Say? Join the Discussion...

Thank you for taking the time to share your thoughts with us. We appreciate your decision to leave a comment and value your contribution to the discussion. It's important to note that we moderate all comments in accordance with our comment policy to ensure a respectful and constructive conversation.

Rest assured that your email address will remain private and will not be published or shared with anyone. We prioritize the privacy and security of our users.