SSH (Secure Shell) is a popular and widely used tool for remote login and file transfers over insecure networks, that uses encryption to secure the connection between a client and a server.
Read Also: How to Setup Two Factor Authentication for SSH on Linux
Whereas it is possible to use SSH with an ordinary user ID and password as credentials, it is more and recommended to use key-based authentication (or public key authentication) to authenticate hosts to each other and this is referred to as SSH password-less login.
Requirements:
To easily understand this, I will be using two servers:
- 192.168.56.100 – (tecmint) – A CentOS 7 server from which I will be connecting to Debian 10.
- 192.168.56.108 – (tecmint) – My Debian 10 system with password-less login.
In this article, we will show you how to install OpenSSH server setup SSH password-less login on Debian 10 Linux distribution.
Installing OpenSSH Server on Debian 10
Before you can configure SSH password-less login on your Debian 10 system, you need to install and configure the OpenSSH server package on the system using the following commands.
$ sudo apt-get update $ sudo apt-get install openssh-server
Next, start the sshd service for now, then check if it is up and running using the systemctl command as follows.
$ sudo systemctl start sshd $ sudo systemctl status sshd
Then enable the sshd service to automatically start at system boot, every time the system is rebooted as follows.
$ sudo systemctl start sshd
Verify the sshd service, which by default listens on port 22 using the ss command as shown. If you want you can change SSH Port as shown: How to Change SSH Port in Linux.
$ sudo ss -tlpn
Setting Up SSH Key on CentOS 7 (192.168.56.100)
First, you need to create an SSH key pair (public key and private key) on the CentOS 7 system from where you will be connecting to your Debian 10 server by using the ssh-keygen utility as follows.
$ ssh-keygen
Then enter a meaningful name for the file or leave the default one (this should be the full path as shown in the screenshot, otherwise the files will be created in the current directory). When asked for a passphrase, simply press “enter” and leave the password empty. The key files are usually stored in the ~/.ssh directory by default.
Copying the Public Key to Debian 10 Server (192.168.56.108)
After creating the key pair, you need to copy the public key to the Debian 10 server. You can use the ssh-copy-id utility as shown (you will be asked a password for the specified user on the server).
$ ssh-copy-id -i ~/.ssh/debian10 [email protected]
The above command logs into the Debian 10 server, and copies keys to the server, and configures them to grant access by adding them to the authorized_keys file.
Testing SSH Passwordless Login from 192.168.20.100
Now that the key has been copied to the Debian 10 server, you need to test if SSH password-less login works by running the following SSH command. The login should now complete without asking for a password, but if you created a passphrase, you need to enter it before access is granted.
$ ssh -i ~/.ssh/debian10 [email protected]
In this guide, we have shown you how to install OpenSSH server with SSH password-less Login or key-based authentication (or public key authentication) in Debian 10. If you want to ask any question related to this topic or share any ideas, use the feedback form below.
