4 Steps to login Linux server without password

Last updated: April 3, 2023
David Cao
Linux

In this article, we will learn how to enable password-less login on Linux using ssh key.

Using Password-less login with SSH key will increase the trust between two Linux servers.

Here are 4 steps to log in to Linux without the password.

create SSH Key on Client
Copy public key to remote server
Disable password login on the server – optional
login server with the private key

Create SSH Key on Client

We can use ssh-keygen command to generate SSH keys in Linux.

Generate a key pair with the following command. The default SSH key type is RSA. Check this post to know which SSH Key type is more secure in Linux.
Press Enter to confirm the default location (that is, ~/.ssh/id_rsa) for the newly created key.
Enter a passphrase, and confirm it by entering it again when prompted to do so.
Check the SSH public key file and private key file with ls command under ~/.ssh/ directory
Change the permissions of the ~/.ssh/ directory and key files

Here are the commands we use for generating SSH keys.

# ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/home/john/.ssh/id_rsa):
The key fingerprint is:
SHA256:6ezTTbbipomsipqJrsmqHFkGeM0VMPDv24PhimnbD+Y john@TOCAO-M-F13P
The key’s randomart image is:
+—[RSA 4096]—-+
| ..o.o. |
|. + o |
|… + |
| .. . . |
| o . S |
| + ..o o |
| o o..oo. + . |
|+=o* oo=o.+ o |
|^==oE+= =*.. |
+—-[SHA256]—–+

$ chmod 700 ~/.ssh

$ chmod 600 ~/.ssh/id_rsa.pub
$ chmod 600 ~/.ssh/id_rsa

Copy public key to remote server

There are two parts for this.

Append the content of ~/.ssh/id_rsa.pub into the ~/.ssh/authorized_keys file on the server-side.
Change the permissions of the ~/.ssh/authorized_keys file and ~/.ssh using the following command on the server-side.

We can use these three commands to copy the public key to the remote server and change permission.

cat ~/.ssh/id_rsa.pub | ssh user@ssh-server.example.com “cat >> ~/.ssh/authorized_keys”

$ chmod 600 ~/.ssh/authorized_keys

$ chmod 700 ~/.ssh

We can also use command ssh-copy-id for this.

$ ssh-copy-id -i keyfile user@hostname

Disable Password login on the server – optional

We need to change the sshd configuration to disable password login. This part is optional.

Ensure this option “PasswordAuthentication no” in /etc/ssh/sshd_config in server
Add this configuration “PubkeyAuthentication yes ” in /etc/ssh/sshd_config
To enable the change, restart the SSH daemon with this command “systemctl restart sshd “

Now we can log in to the remote server without a password.

Login server with the private key

Use the key to log in to the SSH server as shown in the following example, which loads the key in file ~/.ssh/id_rsa and logs in as user user@ssh-server.example.com

ssh -i ~/.ssh/id_rsa user@ssh-server.example.com

Troubleshooting Guide for SSH login without Password

most time the root user is not allowed to log in with ssh. This can be verified with the configuration in /etc/ssh/sshd_config file.
check the log /var/log/messages. and /var/log/secure for the login issue
check the permission of the ssh key directory and even the .ssh directory
use ssh -vvvv to print debug info about access process

David Cao

David is a Cloud & DevOps Enthusiast. He has years of experience as a Linux engineer. He had working experience in AMD, EMC. He likes Linux, Python, bash, and more. He is a technical blogger and a Software Engineer. He enjoys sharing his learning and contributing to open-source.

howtouselinux.com is dedicated to providing comprehensive information on using Linux.

We hope you find our site helpful and informative.

Learn More

RHCSA Practice Exam

RHCSA Practice Exam A General Notes Here are some tips to ensure your exam starts with a clean environment: You do not need external servers

5 formas de verificar la dirección IP en Linux

Cómo verificar la dirección IP en Linux En el entorno de Linux, es esencial poder verificar la dirección IP de su sistema. La dirección IP

50 RHCSA exam questions and answers

The RHCSA (Red Hat Certified System Administrator) exam is a performance-based certification exam offered by Red Hat. It is designed to validate the skills and

Understanding Linux MAC Addresses: 10 Common Questions Answered

Understanding MAC address in Linux In Linux, a MAC address (Media Access Control address) is a unique identifier assigned to a network interface. It is

Search files by size in Linux

There are a few different ways to search files by size in Linux. One way is to use the find command. The find command is

2 ways to fix could not load server certificate file ‘server.crt’: No such file or directory in PostgreSQL

The error “could not load server certificate file ‘server.crt’: No such file or directory” in PostgreSQL indicates that the server is unable to find the

Enable SSL in Postgresql

Enabling SSL in PostgreSQL is a straightforward process that only requires three simple steps: Make sure we have the server certificate and key files available

2 ways to Preserve file permissions when copying files in Linux

Preserve file permissions using -p option in cp command To preserve the file permissions when copying files or directories using the cp command, you can

2 ways to fix cp Permission denied error

The error message “cp: Permission denied” typically occurs when the user doesn’t have permission to access the source file or the destination directory. Here are