SSH (Secure SHELL) is an open-source and trusted network protocol that is used to log in to remote servers for the execution of commands and programs.
In this article, we will show you how to set up password-less login on RHEL-based Linux distributions such as CentOS, Fedora, Rocky Linux & AlmaLinux, and Debian-based distributions such as Ubuntu & Mint using ssh keys to connect to remote Linux servers without entering a password.
Using Password-less login with SSH keys will increase the trust between two Linux servers for easy file synchronization or transfer.
My Setup Environment
SSH Client : 192.168.0.12 ( Fedora 36 ) SSH Remote Host : 192.168.0.11 ( CentOS 8 )
If you are dealing with several Linux remote servers, then SSH Password-less login is one of the best ways to automate tasks such as automatic backups with scripts, synchronization files using the SCP command, and remote command execution.
In this example, we will set up SSH password-less automatic login from server 192.168.0.12 as user tecmint to 192.168.0.11 with user sheena.
Step 1: Create Authentication SSH-Keygen Keys on – (192.168.0.12)
First login into server 192.168.0.12 with user tecmint and generate a pair of public keys using the following command.
$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/tecmint/.ssh/id_rsa): [Press enter key] Created directory '/home/tecmint/.ssh'. Enter passphrase (empty for no passphrase): [Press enter key] Enter same passphrase again: [Press enter key] Your identification has been saved in /home/tecmint/.ssh/id_rsa. Your public key has been saved in /home/tecmint/.ssh/id_rsa.pub. The key fingerprint is: 5f:ad:40:00:8a:d1:9b:99:b3:b0:f8:08:99:c3:ed:d3 [email protected] The key's randomart image is: +--[ RSA 2048]----+ | ..oooE.++| | o. o.o | | .. . | | o . . o| | S . . + | | . . . o| | . o o ..| | + + | | +. | +-----------------+
Step 2: Upload SSH Key to – 192.168.0.11
Use SSH from server 192.168.0.12 and upload a newly generated public key (id_rsa.pub) on server 192.168.0.11 under sheena‘s .ssh directory as a file name authorized_keys.
$ ssh-copy-id [email protected]
Make sure that the correct permissions are set on the ~/.ssh directory and the ~/.ssh/authorized_keys file on the remote server.
$ ssh [email protected] "chmod 700 ~/.ssh && chmod 600 ~/.ssh/authorized_keys"
Step 3: Disable Password Authentication (Optional)
For increased security, you can disable password authentication on the remote server and only allow SSH key authentication. To do this, open the SSH server configuration file on the remote server:
$ sudo nano /etc/ssh/sshd_config OR $ sudo vi /etc/ssh/sshd_config
Find the line containing PasswordAuthentication and set it to no.
Save the file and restart the SSH service.
$ sudo systemctl restart sshd
Step 4: Test SSH Passwordless Login from 192.168.0.12
From now onwards you can log into 192.168.0.11 as a sheena user from server 192.168.0.12 as a tecmint user without a password.
$ ssh [email protected]
In this article, you’ve learned how to set up an SSH Passwordless login using an ssh key. I expect that the process was straightforward. If you have any questions, please post them in the comment section below.