How to ssh to a server without password

This post is over 3 years old, so please keep in mind that some of its content might not be relevant anymore.

Connecting to a Linux box with an algorithm for public-key cryptography like RSA is, firstly, more secure and, secondly, more convenient.

More secure because, as the Ubuntu documentation sais: "Key-based authentication is the most secure of several modes of authentication usable with OpenSSH, such as plain password (the default with Ubuntu) [...]. Key-based authentication has several advantages over password authentication, for example the key values are significantly more difficult to brute-force, or guess than plain passwords, provided an ample key length."
SSH can use either RSA (Rivest Shamir Adleman) or DSA (Digital Signature Algorithm) keys but, due to some weaknesses recently discovered (of DSA), RSA is the only recommend choice.

More convenient because, obviously, you can login into another box without having to remember the password.

Moreover you can get access to that box trough other services. For example, from Nautilus you can add a bookmark like this:

 
sftp://[email protected]/home/my_username
 

and with one click you access any folder on that server. Pretty handy I think..

So, let's see how you enable the access password less.
First of all you need to generate the RSA keys:

 
ssh-keygen -t rsa
 

This will generate your private and public keys in the "~/.ssh/" folder.
The file containing the public one is called "id_rsa.pub" and this is the file we need to copy to the server.
You can copy it any way you like.

I would use scp:

 
scp ~/.ssh/id_rsa.pub [email protected]:~/.ssh/id_rsa_local.pub
 

Now, login in your server and, in the "~/.ssh/" folder, concatenate your public key to a file called "authorized_keys2" (create the file if it doesn't exist):

 
cd ~/.ssh/
cat id_rsa_local.pub >> authorized_keys2
 

and you are done.

Enjoy the ssh password less convenience! :-)

One thought on “How to ssh to a server without password”

Leave a Reply

Your email address will not be published.