Password-Less SSH Access to Your Linux Machine or Raspberry Pi Using Public Keys

in #geek7 years ago

Password-Less SSH Login Linux

If you are logging in and out of a Linux machine, especially a Raspberry Pi on your local network, it can be a pain to keep entering a password. The longer and more secure your password, the more of a pain it can be. If only there was a secure but convenient alternative ...

Well, there is!

SSH and Public Keys


What we are going to do is set up a trusted kind of authentication for our shell access between the two computers. Technically we are creating what is called a "2048 bit RSA key pair". A bit like a super-password that you don't have to type in every time :)

The Steps


First, we need to see if you already have a key on your local machine by logging into your local terminal and using:

ls ~/.ssh

If you don't see a .pub file then you need one extra step. Enter:

ssh-keygen

to create one (just accepting the defaults is fine as prompted, unless you are more knowledgeable). You will get a couple of new files.

id_rsa.pub is your public key, which is what you share with the world.

Keep any other files private, especially your id_rsa, which is your private key.

Next, you need to output your file to the terminal so you can copy it to your clipboard, or you can FTP it up to the server if that is easier.

cat ~/.ssh/id_rsa.pub

Copy and paste to the terminal as part of this command:

echo ssh-rsa [YOUR COPYPASTE HERE] >> ~/.ssh/authorized_keys

This appends the key to your Authorized Keys file, essentially saying you get to log in without entering a password in future :)

(If the directory does not exist then mkdir ~/.ssh and try again)

Finally, set the permissions:

chmod 600 ~/.ssh/authorized_keys

That's it, you should now have freedom from passwords, at least between those two SSH terminals ;)

  • Image Source: BigStock


Posted from my blog with SteemPress : https://makerhacks.com/ssh-linux-raspberrypi-public-keys/
Sort:  

I always use keys with SSH, and always turn off ssh password auth. Especially on servers that are open to the Internet.

Also chmod 700 ~/.ssh to make sure the .ssh directory is only writeable by you.

Better to type in password often, what if your machine stole or another user get an access your super user now is on the risk.

If someone gets physical access to my machine and manages to log into it then I have bigger problems than my dev server being logged into ...

Interesting information........

Please upvote my comment and post......