How to create a password less ssh connection in Linux

You can create a password less connection between two Linux box using RSA authentication. Before moving ahead with the steps to do so let us get to know RSA in brief.

RSA and DSA are used as an algorithm for public-key encryption


RSA and DSA keys are used for password authentication and providing much higher security for data transfer or connectivity between two remote machines.
  • RSA keys have minimum key length of 768 bits and the default length is 2048 bit.The key length of DSA is limited to 1024 bit so one can generate stronger RSA keys than DSA keys.
  • DSA encryption is faster as compared to RSA.
  • RSA can be used for both encryption and signing whereas DSA can only be used for signing.
  • RSA can be used with ssh v1 and v2 whereas DSA can only be used with v2
For generating ssh key using RSA here are the steps to be followed:

Server IP: 192.168.0.110
Client IP: 192.168.0.100
This command will generate a private(id_rsa) and a public(id_rsa.pub) key.


NOTE: Make sure you give a blank password when prompted as shown with blue color below
# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase
(empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
00:b2:0b:46:b8:63:a0:11:8a:b5:e6:6e:5d:9b:ff:5b
root@server.example.com
The key's randomart image is:
+--[ RSA 2048]----+
|ooo .            |
|B. + .           |
|*++   .          |
|== .   .         |
|..o   . S        |
| . . . o         |
|  o . o     E    |
| .     .   .     |
|        ..o.     |
+-----------------+

Now we need to copy the public key to the remote machine between which you want the secure shell connection.

Now copy the public key from the server machine to client (make sure the directories and files as mentioned exists on the client machine or else you will have to manually create them)

NOTE: authorized_keys is a file and not a directory. Do no mistake it as a directory and copy id_rsa.pub inside it. In the below command we are copying and renaming the file id_rsa.pub into authorized_keys

# scp /root/.ssh/id_rsa.pub  192.168.0.100:/root/.ssh/authorized_keys

On the client machine

# chmod 600 /root/.ssh/authorized_keys
# chmod 700 /root/.ssh
Now restart the ssh services on the server and client machines

# service sshd restart
Stopping sshd:                                            
[  OK  ]
Starting sshd:                                            [  OK  ]

Now try to connect your client server, you should be able to connect without password prompt

# ssh 192.168.0.100 

To change the RSA key

# ssh-keygen -p

Related Articles
How to create password less ssh connection for multiple non-root users