Published December 17th, 2007 by admin

How to Connect To Linux Hosts Without a Password (Key Authentication)

This how-to will show you how to connect to a Linux machine via SSH using a key rather than entering your password. This comes in very handy to build scripts that connect to machines for file transfer, backup and more and also saves you the hassle of entering your password every time you SSH into a machine.

This guide assumes that you have an SSH server setup on your “server” and an SSH client set up on your client. (sudo apt-get install openssh-server & sudo apt-get install openssh-client respectively)

First from the client run the following command logged in as your normal user account:

ssh-keygen

(Leave the password blank if you do not want to supply it on login, but remember to guard the created cert with your life as it opens the door to anyone that finds it…)

This creates id_rsa and id_rsa.pub in the ~/.ssh directory.

Next we want to upload the pub file to the remote server/host that you want to connect to:

scp ~/.ssh/id_rsa.pub remoteuser@remotehost:~/

Now that it is uploaded we have to authorize it by connecting to the remote machine (ssh user@remotehost) and running the following on the remote host:

cat id_rsa.pub >> ~/.ssh/authorized_keys

and then:

rm id_rsa.pub

to delete the uploaded file.

If the remote host does not have key authentication enabled (should be by default), ssh the machine and edit the config file like such:

nano /etc/ssh/sshd_config

and add/change the following to options as such:

RSAAuthentication yes
PubkeyAuthentication yes

then reload the config:

/etc/init.d/ssh reload

At this point you can check to make sure that you are allowed to log in via your key and if that is the case you can disable password authentication.

Edit the config again:

nano /etc/ssh/sshd_config

and set the following:

ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no


reload the config:

/etc/init.d/ssh reload

That it. You are now on your way to more secure/hassle free SSH authentication.

Technorati Tags: , ,


1 Response to “How to Connect To Linux Hosts Without a Password (Key Authentication)”

Feed for this Entry Trackback Address
  1. 1

    links for 2008-02-28 « packet filter

    Pingback on Feb 27th, 2008 at 10:02 pm

Leave a Reply

XHTML: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>