Create SSH Username and Group for passwordless SSH:
groupadd pwdssh useradd pwdssh -g pwdssh
Ensure you are now login as user pwdssh:
Generate a new SSH key pair.
The following command will generate a new 4096 bits SSH key pair with your email address as a comment. Press Enter to accept the default configurations, edit any information you required:
ssh-keygen -t rsa -b 4096 -C "email@example.com" Enter file in which to save the key (/home/yourusername/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Choose empty passphrase for automation.
To be sure that the SSH keys are generated you can list your new private and public keys with:
ls /home/yourusername/.ssh/id_* /home/yourusername/.ssh/id_rsa /home/yourusername/.ssh/id_rsa.pub
Copy the public key
Now that you generated a SSH key pair, in order to be able to login to your server without a password you need to copy the public key to the server you want to manage. On your local machine terminal type:
ssh-copy-id remoteusername@server_ip_address You will be prompted to enter the remoteusername password: remoteusername@server_ip_address's password: or you can manually copy the file /home/yourusername/.ssh/id_rsa.pub and write into /home/remoteusername/.ssh/authorized_keys
If your SSH server is not using standard port, use the command below:
ssh-copy-id "-p PORT remoteusername@server_ip_address"
Login to your server using SSH keys
After completing the steps above you should be able login to the remote server without being prompted for a password.To test it just try to login to your server via SSH:
If everything went well, you will be logged in immediately.
Ensure below options are enabled: RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys UsePAM yes AllowUsers pwdssh
Ensure following are the permissions
ls -l /home/yourusername/.ssh/ total 20 -rw-r--r--. 1 pwdssh pwdssh 399 May 5 14:53 authorized_keys -rw-r--r--. 1 pwdssh pwdssh 761 Jan 12 15:59 config -rw-------. 1 pwdssh pwdssh 1671 Jan 12 15:44 id_rsa -rw-r--r--. 1 pwdssh pwdssh 399 Jan 12 15:44 id_rsa.pub -rw-r--r--. 1 pwdssh pwdssh 410 Jan 12 15:46 known_hosts Also, ensure the permissions for /home/yourusername/.ssh directory are: drwx------. 2 pwdssh pwdssh 4096 May 5 14:56 .ssh