This post is mostly my own attempt at jotting down my notes for allowing password-less SSH authentication. The official Ubuntu documentation can be found here.
Step 1: Generate your Public Key
This is a one-time step typically. You can generate your SSH public key once and then install it on each server you want to setup password-less authentication.
ssh-keygen -t rsa
- You may be prompted to input where you want to save the new key. Typically the default location is fine.
- Also, you may be prompted for a password. This is optional and if you really don't want a password you should just hit
Step 2: Copy Your Public Key to Remote Server
In order for you're public key be recognized, you will need to upload it to the remote server. There are a couple ways you can do this. The easiest way is to use the
ssh-copy-id command on your local machine (if you have it installed). If that doesn't work you can SSH into the remove server and manually add the key.
Adding Your Public Key with
This should be the first method you try since, when it works, it's ridiculously simple.
$ ssh-copy-id user@JTBosUPRoutDev1 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "~/.ssh/id_rsa.pub" The authenticity of host 'remote_server' (10.0.0.1)' can't be established. ECDSA key fingerprint is SHA256:yQH48TjQ2zM1nb8YvwwQ2KVHKW0kcIvd48TjQ2zM1uS+tzQcNF00. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys user@remote_server's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'user@remote_server'" and check to make sure that only the key(s) you wanted were added.
Adding Your Public Key Manually
This method is a bit more convoluted but it gets the job done—so long as you're careful.
- Find your
id_rsa.pubfile you created up in Step 1.
- Copy the entire contents of the file
- SSH manually into the remote server.
- Open the file
~/.ssh/authorized_keysfor editing in Vim or your editor of choice.
- Paste the contents of your local
id_rsa.pubfile to the end of
~/.ssh/authorized_keys(starting a new line).
- Exit the SSH session and try to log in to the remote server again.
Voilà! No password needed!