How to SSH Without Password Using RSA Keys

/ Linux Commands

This article will go over the step by step instructions for generating RSA keys on Linux and then transferring them to a remote system. Afterwards, you’ll be able to SSH to the remote machine without needing to enter a password.

Using SSH with RSA keys is a lot more secure than entering a password. It’s obviously a lot more convenient as well.

1. Enter the following command to generate RSA keys. This should be done on the system you want to SSH from.

$ ssh-keygen -t rsa

You’ll need to press enter three times after entering the command. The RSA keys will generated and stored in the user’s ~/.ssh directory. You should see some output that looks like this:

Generating public/private rsa key pair.
Enter file in which to save the key (/home/linuxnightly/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/linuxnightly/.ssh/id_rsa
Your public key has been saved in /home/linuxnightly/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:Gl6fxclnDlVDidPuOJqTTWUUS3benGM0eBA9NfVGCjQ linuxnightly@webserver
The key's randomart image is:
+---[RSA 3072]----+
|           .EoOX@|
|             *+&X|
|              B=B|
|           o o.=.|
|      . S   * B  |
|     . + . o O . |
|      o   o * o  |
|           = .   |
|            .    |
+----[SHA256]-----+

2. Next, use the ssh-copy-id command to copy the public RSA key over to the system (or systems) that you plan to SSH into. You’ll be prompted for a password, but this will be the last time. Substitute your own username and hostname (or IP address) into this example.

$ ssh-copy-id -i ~/.ssh/id_rsa.pub user@hostname

You should see some output similar to that below.

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/linuxnightly/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.207.133.153's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@10.207.133.153'"
and check to make sure that only the key(s) you wanted were added.

That’s all there is to it. You’re now be able to use your usual SSH command to login, but will no longer be prompted for a password.

Leave a Comment

Your email address will not be published. Required fields are marked *