Feb 16, 2020 Private key (idrsa) is kept at source computer (local machine) from where you have to ssh. Public Key (idrsa) is kept at Destination Server (Remote Server), the Server you want to access. Step 3- Create a file name authorizedkeys in side.ssh directory and copy the content of idrsa.pub file to authorizedkeys file. Go to.ssh directory. SSH also offers passwordless authentication. In this scenario, a public-private key pair is manually generated. The public key is placed on all remote systems and allows access to the owner of the matching private key. The owner is responsible for keeping the private key secret.
- You need your SSH public key and you will need your ssh private key. Keys can be generated with ssh-keygen. The private key must be kept on Server 1 and the public key must be stored on Server 2. This is completly described in the manpage of openssh, so I will quote a lot of it. You should read the section 'Authentication'.
- A user private key is key that is kept secret by the SSH user on his/her client machine. The user must never reveal the private key to anyone, including the server (server administrator), not to compromise his/her identity.
- SSH clients will typically use /.ssh/identity (ssh v1) or one of /.ssh/idrsa or /.ssh/iddsa (v2) as the default private key. You can change this in /.ssh/config (the IdentityFile parameter - the -i option to SSH actually overrides this. See man sshconfig for details).
This tutorial explains the Passwordless SSH using Public Key and Private Key in Linux.
SSH stands for Secure SHELL, is a protocol used to connect remote hosts to login or performing some tasks using scripts.
When we want to automate some tasks on remote hosts using scripts from a centralized server like Jenkins/Ansible or any Linux Server, we may require a password less connection between the remote hosts and the centralized Server.
In this tutorial, we will learn to create Passwordless SSH login using public key and private key. Follow the step by step guide to make your ssh connection passwordless.
Private Key Example
This tutorial will work for Linux Destro such as Centos, Ubuntu, Redhat, Amazon Linux(AWS EC2) and Other as well.
Recommended Read:How to Install Jenkins on Ubuntu
Also Read : Git Tutorial for beginners (Part I)
Scenario
We have one Local Machine and one Remote Server.We will setup a passwordless connection to login Remote Server from the local Machine.
Perform following steps on the remote Server
Step 1– Create an User and login or login as an existing user.
$ useradd devops
$ su – devops
Step 2 – Generate a key pair ( Public key and Private Key) using ssh-keygen command.
Before running this command make sure you are on home directory of the user.If not you can go to the home directory by cd ~ command.
Private Key Ssh Authentication
$ cd ~
$ ssh-keygen -t rsa
It will ask for some details. Do not put anything here and press ENTER only.
By ls -al command you can see a hidden directory .ssh and two files namely id_rsa and id_rsa.pub inside .ssh directory are created.Here id_rsa is the Private key and id_rsa.pub is the Public Key.
Private key(id_rsa) is kept at source computer(local machine) from where you have to ssh. Public Key(id_rsa) is kept at Destination Server(Remote Server) , the Server you want to access.
Step 3- Create a file name authorized_keys in side .ssh directory and copy the content of id_rsa.pub file to authorized_keys file.
Go to .ssh directory
Pony hair paint brush. $ cd ~/.ssh/
Create an empty file name authorized_keys
$ touch authorized_keys
Copy the content of id_rsa.pub to authorized_keys
External hdd for mac. $ cat id_rsa.pub > authorized_keys
Check the authorized_keys file if contents are copied.
$cat authorized_keys Vanguard bears twitter account.
Step 4 – Change the permission of authorized_keys
$ chmod 600 authorized_keys
Step 5– Copy the content of id_rsa file
Use cat command to display the content of id_rsa and copy its content.
$ cat id_rsa
Remove Ssh Private Key Passphrase
On the local Machine
Step 1– Create a file and paste the content of id_rsa copied from remote server inside this file. You can use nano command to perform this action.
Create a file name devops.key using nano command , paste the content and pres Ctrl+X to save and close the file.
$ nano devopys.key
Private Key Ssh
Step 2 – SSH remote Server from local machine without using password.
$ sudo ssh -i path-to-private-key [email protected]
$ sudo ssh -i devops.key [email protected]
I hope you enjoyed this tutorial and learned Passwordless SSH login using public key and private key. If you think this is really helpful, please do share this to other as well. Please also share your valuable feedback, comment or any query in the comment box.I will really happy to resolve your all queries.
Thank You
If you think we helped you or just want to support us, please consider these:-
Connect to us: Facebook | Twitter