How to Set Up SSH Key-Based Authentication for Remote Login Without a Password

Posted on by Sam Galope
penguin holding key guarding a door. angsy. grungy gritt. textured

SSH key-based authentication is a method to securely access remote servers without using a password. This technique enhances security by replacing traditional password-based logins with cryptographic keys. In this guide, we’ll show you how to configure SSH key-based authentication to set up remote SSH login without a password.

Related: How to Prevent SSH Session Timeout on macOS and Linux

penguin holding key guarding a door. angsy. grungy gritt. textured

Step 1: Generate SSH Key Pair

Open the Terminal on your local machine:

For macOS, Linux, or Windows, you’ll need a terminal that supports SSH, like Git Bash or the default terminal.

Generate the SSH key pair:

Run the following command in your terminal:

$ ssh-keygen -t rsa -b 4096 -C "your_email@example.com"

This command generates a public-private key pair, a crucial step in setting up SSH key-based authentication.

Follow the prompts: Save the key in the default location or specify a different path if needed. Consider setting a passphrase for extra security.

Step 2: Copy the SSH Public Key to the Remote Server

Copy the public key to the remote server:

$ ssh-copy-id username@remote_host

This command copies the public key to the remote server, enabling SSH key-based authentication.

Enter your password:

After entering your password for the last time, the server will be configured to use your SSH key for future logins.

Step 3: Test the SSH Key Authentication

Connect to the remote server:

$ ssh username@remote_host

You should now be able to log in without entering a password, thanks to SSH key-based authentication.

Troubleshooting: If prompted for a password, ensure file permissions are set correctly. The ~/.ssh directory should have permissions of 700, and ~/.ssh/authorized_keys should be 600.

Step 4: (Optional) Disable Password Authentication on the Remote Server

To further enhance security, consider disabling password authentication entirely:

Edit the SSH configuration file:

$ nano /etc/ssh/sshd_config

Disable password authentication:

Find and modify the following line:

PasswordAuthentication no

Restart the SSH service:

$ sudo systemctl restart sshd

Conclusion

Implementing SSH key-based authentication provides a secure and convenient way to manage remote logins. By following this guide, you’ve not only improved your security posture but also streamlined your SSH login process.

For further reading on SSH security and best practices, you might find these resources useful:

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *