• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

The Geek Diary

CONCEPTS | BASICS | HOWTO

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • Linux Services
    • VCS
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
    • Data Guard
  • DevOps
    • Docker
    • Shell Scripting
  • Interview Questions
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

How to Setup SSH keys for “passwordless” ssh login in Linux

By admin

The post list out the steps to setup ssh keys to configure passwordless ssh in Linux. ssh-keygen is the command used to generate the public and private keys if you have not done it already. With ssh-copy-id command, we can copy the keys to the destination server to which we want to have a passwordless ssh setup.

1. Login as the user that you want to setup the ssh keys. In this case, we are using user sandy.

2. Create a private and public key for the user sandy. Press enter twice when asked for the passphrase as we are going to keep the passphrase empty.

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/sandy/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /Users/sandy/.ssh/id_rsa.
Your public key has been saved in /Users/sandy/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:Y2lfHXY1+i5Pok1NuhsfZ16JsIrdUzY1699SwlvOHOY sandy@Sandeeps-MacBook-Air.local
The key's randomart image is:
+---[RSA 2048]----+
|               ..|
|              . o|
|             .o .|
|         .   o.= |
|        S  ...ooo|
|       o o .o+O++|
|          ..oB=#=|
|        o o.+ @EO|
|       . o o.+.+=|
+----[SHA256]-----+
Note: You can specify an option on the ssh-keygen like the size and the type . You can find more information on the man page of ssh-keygen command

From the man page of ssh-keygen :

-b bits

Specifies the number of bits in the key to create. For RSA keys, the minimum size is 768 bits and the default is 2048 bits. Generally, 2048 bits is considered sufficient. DSA keys must be exactly 1024 bits as specified by FIPS186-2.

-t type

Specifies the type of key to create. The possible values are “rsa1” for protocol version 1 and “dsa”, “ecdsa” or “rsa” for protocol version 2.

3. New Keys will be located on /home/test1/.ssh. Move to your .ssh directory were the key was created check for the public

$ cd .ssh
$ $ ls -lrt id*
-rw-r--r--  1 sandy  staff   414 Oct 20 20:35 id_rsa.pub
-rw-------  1 sandy  staff  1675 Oct 20 20:35 id_rsa

4.Copy the public key to the target server.

$ ssh-copy-id -i id_rsa.pub test1@lab02
The authenticity of host 'lab02 (192.168.219.149)' can't be established.
RSA key fingerprint is dd:0c:77:26:da:f4:ed:30:64:26:96:29:b3:38:cc:9c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'lab02,192.168.219.149' (RSA) to the list of known hosts.
test1@lab02's password:

Verify

1. Now try logging into the machine, with “ssh ‘test1@lab02′”, and check the file ~/.ssh/authorized_keys to make sure we haven’t added extra keys that you weren’t expecting.

2. Test your key, you should login directly your target server without it asking for a password.

$ ssh test1@lab02
[test1@lab02 ~]$

alternate method if ssh-copy-id command is not available

If your server does not have the openssh-clients package installed, you can use an alternate method. You can directly copy the public key using the scp command.

$ cat id_rsa.pub | ssh user@lab02 "cat >> ~/.ssh/authorized_keys"

Filed Under: Linux

Some more articles you might also be interested in …

  1. How To Disable Or Extend System Logging Rate-limit on CentOS/RHEL 6
  2. How to Disable NetworkManager in CentOS/RHEL 8
  3. How to enable CUPS Debugging on CentOS/RHEL
  4. Understanding /etc/security/limits.conf file
  5. How to recover deleted Logical volume (LV) in LVM using vgcfgrestore
  6. CentOS / RHEL : How to collect sosreport
  7. How to run a cron job on specific days of the week
  8. How to Create and Query a BTRFS File System
  9. CentOS / RHEL 7 : How to modify the kernel command line
  10. CentOS / RHEL : Converting an Existing Root Filesystem to LVM Partition

You May Also Like

Primary Sidebar

Recent Posts

  • How to Disable IPv6 on Ubuntu 18.04 Bionic Beaver Linux
  • How to Capture More Logs in /var/log/dmesg for CentOS/RHEL
  • Unable to Start RDMA Services on CentOS/RHEL 7
  • How to rename a KVM VM with virsh
  • Archives
  • Contact Us
  • Copyright

© 2021 · The Geek Diary