How to Setup SSH Passwordless Login in Linux [3 Easy Steps]

SSH (Secure SHELL) is an open-source and most trusted network protocol that is used to log in to remote servers for the execution of commands and programs. It is also used to transfer files from one computer to another computer over the network using a secure copy (SCP) command and Rsync command.

[ You might also like: How to Secure and Harden OpenSSH Server ]

In this article, we will show you how to set up password-less login on RHEL-based Linux distributions such as CentOS, Fedora, Rocky Linux & AlmaLinux, and Debian-based distributions such as Ubuntu & Mint using ssh keys to connect to remote Linux servers without entering a password.

Using Password-less login with SSH keys will increase the trust between two Linux servers for easy file synchronization or transfer.

My Setup Environment
SSH Client : 192.168.0.12 ( Fedora 34 )
SSH Remote Host : 192.168.0.11 ( CentOS 8 )

If you are dealing with a number of Linux remote servers, then SSH Password-less login is one of the best ways to automate tasks such as automatic backups with scripts, synchronization files using SCP command, and remote command execution.

[ You might also like: 25 Outstanding Backup Utilities for Linux Systems ]

In this example, we will set up SSH password-less automatic login from server 192.168.0.12 as user tecmint to 192.168.0.11 with user sheena.

Step 1: Create Authentication SSH-Keygen Keys on – (192.168.0.12)

First login into server 192.168.0.12 with user tecmint and generate a pair of public keys using the following command.

$ ssh-keygen -t rsa

Generating public/private rsa key pair.
Enter file in which to save the key (/home/tecmint/.ssh/id_rsa): [Press enter key]
Created directory '/home/tecmint/.ssh'.
Enter passphrase (empty for no passphrase): [Press enter key]
Enter same passphrase again: [Press enter key]
Your identification has been saved in /home/tecmint/.ssh/id_rsa.
Your public key has been saved in /home/tecmint/.ssh/id_rsa.pub.
The key fingerprint is:
5f:ad:40:00:8a:d1:9b:99:b3:b0:f8:08:99:c3:ed:d3 [email protected]
The key's randomart image is:
+--[ RSA 2048]----+
|        ..oooE.++|
|         o. o.o  |
|          ..   . |
|         o  . . o|
|        S .  . + |
|       . .    . o|
|      . o o    ..|
|       + +       |
|        +.       |
+-----------------+

Create SSH RSA Key

Step 2: Upload SSH Key to – 192.168.0.11

Use SSH from server 192.168.0.12 and upload a new generated public key (id_rsa.pub) on server 192.168.0.11 under sheena‘s .ssh directory as a file name authorized_keys.

$ ssh-copy-id [email protected]

Step 3: Test SSH Passwordless Login from 192.168.0.12

From now onwards you can log into 192.168.0.11 as sheena user from server 192.168.0.12 as a tecmint user without a password.

$ ssh [email protected]

SSH Remote Passwordless Login

In this article, you’ve learned how to set up an SSH Passwordless login using an ssh key. I expect that the process was straightforward. If you have any questions, please post them in the comment section below.

If you liked this article, then do subscribe to email alerts for Linux tutorials. If you have any questions or doubts? do ask for help in the comments section.

If You Appreciate What We Do Here On TecMint, You Should Consider:

TecMint is the fastest growing and most trusted community site for any kind of Linux Articles, Guides and Books on the web. Millions of people visit TecMint! to search or browse the thousands of published articles available FREELY to all.

If you like what you are reading, please consider buying us a coffee ( or 2 ) as a token of appreciation.

Support Us

We are thankful for your never ending support.

277 thoughts on “How to Setup SSH Passwordless Login in Linux [3 Easy Steps]”

    • @Dragonmouth,

      Passwordless authentication is safe, secure, and easy to use, as it reduces attack vectors by eliminating password management practices…

      Reply
  1. ssh [email protected]
    [email protected]’s password:
    Permission denied, please try again.
    [email protected]’s password:
    Permission denied, please try again.
    [email protected]’s password:
    Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password,hostbased).

    The problem is I tried the methods related to public key generation. But no matter I do what it always keeps asking for a password and my permission gets denied.
    All conventional methods have failed.
    Need urgent help.

    Reply
  2. Hey,

    I’m just copy-paste for the same command. But it’s asking password!

    Please guide me for the same :

    SSH Client : 10.10.10.4
    SSH Remote Host: 10.10.10.5

    Step 1: Create Authentication SSH-Keygen Keys on – (10.10.10.4)

    [[email protected] ~]$ ssh-keygen -t rsa
    

    Step 2: Create .ssh Directory on – 10.10.10.5

    [[email protected] ~]$ ssh [email protected] mkdir -p .ssh
    

    Step 3: Upload Generated Public Keys to – 10.10.10.5

    [[email protected] ~]$ cat .ssh/id_rsa.pub | ssh [email protected] 'cat >> .ssh/authorized_keys'
    

    Step 4: Set Permissions on – 10.10.10.5

    [[email protected] ~]$ ssh [email protected]  "chmod 700 .ssh; chmod 640 .ssh/authorized_keys"
    

    Step 5: Login from 10.10.10.4 to 10.10.10.5 Server without Password

    [[email protected] ~]$ ssh [email protected] 
    

    [email protected]:/root$ ssh [email protected].5
    [email protected].5’s password:

    Thanks
    Raj

    Reply
    • Hi, I was in the same situation, but I make the next simple and more natural steps (from an SSH perspective)

      After you create keygen, make:

       
      $ ssh-add id_rsa
      

      So the server print: “Identity added: (id_rsa)”.

      next

      $ ssh-copy-id [email protected]  
      

      System request the CRDB password and later the server print: “Number of keys (s) added: 1”

      finally, you can do:

      $ ssh [email protected]
      

      Also, you must check the /eth/ssh/sshd_config in your remote server (in your case 10.10.10.5) and set the next values :

      PermitRootLogin yes #only if you will be use root user
      PubkeyAuthentication yes # required yes
      PasswordAuthentication yes # you can set to NO when requires only SSH passwordless, and check that works fine, but also check after closing any terminal because can close any access!!
      UsePAM yes # required
      

      When making any change over ssh, will need to restart ssh service in your remote server:

      $ sudo service sshd restart
      OR
      $ sudo systemctl restart sshd 
      

      Regards!
      Juan

      Reply
  3. Thank you so much for this very good explanation.

    I searched multiple sites till I got here.

    My issue resolved.

    Reply
  4. I have set the passwordless login, but after login, I have run the script in mid-time connection is closed. Where can set the timings for these connections?

    Reply
  5. That is a wonderful article explaining passwordless authentication Ravi. I had been looking for something just like this.

    Passwords are out there on their way. Many individuals are already comfortable with being authenticated without a password, such as using FaceID on iOS or scanning a fingerprint on Android, and organizations are gradually moving to passwordless authentication; a way to prove the identity of an online user for enhanced security purposes using an alternate factor other than a password.

    I read a similar article about the same, the link of which I am sharing here: https://www.loginradius.com/blog/start-with-identity/2019/10/passwordless-authentication-the-future-of-identity-and-security/

    I’ll be sharing your article with my friends and colleagues. Till then keep up the good work Ravi :)

    Reply

Got something to say? Join the discussion.

Have a question or suggestion? Please leave a comment to start the discussion. Please keep in mind that all comments are moderated and your email address will NOT be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.