5 min read April 27, 2017 at 11:25am
In our knowledge base, you can find the traditional way of using SSH to log securely in to your virtual private server; but, the chances are you need to connect to remote servers many times a day. You open your terminal, type the SSH formula, go to your password manager, look for your user’s password and then press “Shift” plus “Insert” to add the password to the command line. Soon, this process can start to annoy you.
Fortunately, there is a method to log in to servers without using passwords. To use that method, you need to generate both private and public key pairs by hand. The good news is that it is not as complex as it sounds. Even if you are a complete beginner at the command line, this guide gives you a step-by-step approach to accomplish this task without confusion.
Linux, Mac, and Windows users can follow the steps shown here; our tutorial has two parts: the first one illustrates how to create key pairs in the command line and the second uses PuTTY as an example.
Using SSH without passwords on Linux, Mac, and ‘Bash on Windows’
ssh-keygen is the tool used here to generate authentication keys, but it is not only a key generator;
ssh-keygen can also manage and convert keys. Learning how this command and its options work can be vital, especially if you are trying to defend your system against an intruder. In this case, you need to rapidly generate new key pairs and analyze hashes and fingerprints. The ssh-keygen documentation can give you extra information if needed.
The steps to create authentication keys from the command line are straightforward though.
1) Open the terminal application of your preference.
2) The first command uses the following formula:
ssh-keygen -t type [-C comment]
-t option specifies the type of the key to create; b) and the
-C option1 represents commentaries.
rsa is the key type to make, and, in the comment field, you can insert your e-mail in quotes, as shown in the next image:
3) In this step, the program asks where you would like to save the keys. Usually, the default option is the best choice. Press Enter to continue.
4) This stage is the most critical to this process because the goal is to log in to your server without using passwords. For that reason, leave the password field empty by pressing Enter.
ssh-keygen ask you to confirm your action, just press Enter again. After that, the first part of this process is finished. The following screenshot shows an example of the result given by the command.
ssh-keygen points where both keys were saved and displays the key’s fingerprint and randomart image.
6) Now it is time to connect to your virtual private server. Moreover, you need to create a directory to receive the public key. To perform it, you can use the following formula:
ssh [user@]hostname. If it is the first time you are connecting to your virtual private server,
root is the only user available. In this case, follow the subsequent screenshot as an illustration and substitute the IP address shown for the IP of your VPS.
7) If it is the first time you are accessing your VPS on your local machine, SSH tends to alert you that it cannot establish the authentication of your server. In most situations, it is okay; type “yes” and press Enter to proceed with the process. When SSH asks for your password, just insert it, and press Return again. You can check our knowledge base if you are facing problems following these steps or need an extra explanation.
8) Once you are logged in to your VPS, use the
pwd command to be certain that you are in the right user's home directory. In our example, the user is
/root is the right place to create the
9) Then type
mkdir .ssh and press Enter to create a directory for the public key.
10) You can use the
ls -A command to certify the directory was created. Then check it with
ls -l .ssh to confirm that it is empty.
11) The process is almost done. Just one last thing needs to be done: sending the public key to the directory created in the steps above. Start by logging out of your server; you can use the command
exit to close the connection.
12) In your local home directory, type
ls -a to find the keys directory and
ls -A .ssh to see everything that it contains. You should see a file called
id_rsa.pub. This file is the public key generated in the second step of this tutorial.
13) The next instruction is a slightly long; it is not one single command but multiple commands and operators combined to perform a single action: create a copy of the public key in the
.ssh directory of your server. You only need to perform it once. Furthermore, it should be the last time you need to enter the password of your virtual private server for authentication. Just type
cat .ssh/id_rda.pub | ssh email@example.com “cat >> .ssh/authorized_keys”
You obviously need to substitute the IP address shown in this example for your VPS IP.
14) Now, you can log in to your virtual private server without using passwords. Just type the ssh formula (
ssh [user@]hostname) to see whether it is working for you or not.
Congratulations! Now you are able to authenticate via SSH without using passwords. Comment and let us know if you succeed.
1 Observe that “C” is capitalized.