Normally when you SSH into a computer, you need to provide a username and it will prompt you for your password, like this:
$ ssh joe@server_machine joe@server_machine's password:
By generating a public-private key pair on the local machine and sharing the public key with a remote machine, you can SSH to the remote machine without providing a login or being prompted for a password.
After this setup is done, you will operate like this:
$ ssh server_machine $ That is it! You are logged in without login or password!
To set this up:
- Generate a public-private key pair on your local computer. If you already have one (probably you generated it for Github) and want to use that, then skip this step.
$ ssh-keygen -t rsa -b 4096 -C "email@example.com"
This generates a public key in
~/.ssh/id_rsa.pub and its corresponding private key in
- We need to add the public key from local machine to the
~/.ssh/authorized_keysfile on the remote computer you are logging to. You can do this manually. However, the
ssh-copy-idscript does this for you. Just pass the remote computer name as input:
$ ssh-copy-id remote_machine
If there is no
~/.ssh/authorized_keys file on the remote machine, this script will create it for you. If the file exists, your public key from local machine will be appended to the existing file.
- Make sure that the permissions of the
-rwx------and of the
-rw-------. Otherwise SSH will determine that the keys are not safe and you will still get asked for your password.
That is it! You can now SSH directly to this server machine!
Reference: Arabesque: Linux Crypto – SSH Keys
Tried with: Ubuntu 14.04