In a daily maintenance activity of Linux systems it might become a little bit frustating authenticating through SSH to each system having to enter the password again and again.
There’s a simple way to allow secure, authenticated remote access, file transfer, and command execution without having to remember passwords for each individual host you connect, that is, by using RSA keys.
The $HOME/.ssh/authorized_keys file contains the RSA keys allowed for RSA authentication. Each line contains one key, which consists of the following fields:
options, bits, exponent, modulus and comment
The first field is optional, bits, exponent and modulus fields give the RSA key and the last field isn’t used at all in the authentication process, but it will be somewhat convenient to the user, for instance to know which key is for which machine.
Before we start, make sure your computer has a ssh client installed and the remote Linux system has ssh installed and sshd running, with RSA authentication enabled (RSAAuthentication yes in /etc/ssh/sshd_config).
1. Generate the local RSA key:
# ssh-keygen -t rsa
Set NO password by pressing ENTER when prompting for it. This will enable passwordless authentication when using the RSA keys.
Your plublic key has been generated and stored in /root/.ssh/id_rsa.pub.
2. You will need to upload it to each Linux system you often log in.
# scp .ssh/id_rsa.pub username@remote_linux_system:~
3. Next, connect to the remote host through SSH, with the username you used in the step above. RSA authentication won’t be available just yet, so you’ll have to use the old method to login.
4. Once you are connected, add the new hostkey to the file /root/.ssh/authorized_keys or /home/user/.ssh/authorized_keys. If the .ssh directory doesn’t exist, create it.
# cd $HOME # cat id_rsa.pub >> .ssh/authorized_keys
And that’s all. It’s time to test the passwordless connection:
# ssh username@remote_linux_system