How to set up passwordless login on a server
This guide presumes that you are able to connect to the remote server over SSH and log in with a password.
Create a secure folder to store keys etc.
Change to home directory: cd ~
Create the hidden folder: mkdir .ssh
Set the required access permissions: chmod 700 .ssh
Generate the keys
Change to the secure directory: cd .ssh
Generate a public and private key: ssh-keygen -f server_name
server_name is what you would like the private key file to be called.
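This command asks for a passphrase, but press Enter to not set one. Host keys must have an empty passphrase. Without a passphrase, anyone who obtains the private key file can use it, so the access permissions set below are its only protection.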
Two keys are generated: a private key as named and a public key with .pub appended to the name. The private key should never be copied to another device. The public key, however, may be exposed, since it is only useful when used with the secret private key.
Set the access permissions of the private key: chmod 600 server_name
Move the public key to the server
We will use the secure copy command to do this. We need the IP address of the server and the login details of the user.
The command is: scp server_name.pub user@192.168.1.22:
Here we specified the name of the public key file, the user, and the IP address of the server followed by a colon (:).
The colon is important and is often followed by a path, but in this case the file will be sent to the user's home folder.
You are prompted to enter the user password, and then the file is transferred.
Authorize the public key on the server
Log in to the server over SSH in your terminal.
Create the hidden folder: mkdir .ssh
Set the required access permissions: chmod 700 .ssh
Now move the public key to the secure folder: mv server_name.pub .ssh/
Change to the secure directory: cd .ssh
Authorize the public key by appending it to a file called authorized_keys.
This is a way to do it: cat server_name.pub >> ~/.ssh/authorized_keys
What this is actually doing is using the cat command to concatenate files (join them) to standard output, with the >> operator redirecting that output so it is appended to the authorized_keys file, creating the file if it doesn't exist already.
Set the required access permissions: chmod 700 authorized_keys
If the user's home folder, the .ssh folder, or the authorized_keys file has insecure permission settings, then the SSH server will refuse to use the keys.
Now we don't need the public key file, so we may delete it: rm server_name.pub
Now exit from this session with exit and go back to using your connecting computer.
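You should now be able to connect to the server without being prompted for a password. Because the key file has a custom name, ssh only offers it when told to, for instance through the IdentityFile entry in the profile described below.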
If it doesn’t work then run the ssh command with the -v option to get verbose details of the connection process. One possible issue may be the wrong name given to the authorized_keys file. Another common problem is the folder and file permissions being too lax.
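As an added example (not part of the original guide), this script audits the permissions the guide sets. The server-side check mirrors the test sshd applies when StrictModes is enabled (its default), which rejects paths writable by group or others. The function names and the script name are hypothetical, and file ownership is not checked.

```shell
#!/bin/sh
# Added example: audit the permissions this guide sets.
# Assumption: only mode bits are inspected; file ownership is not checked.

# Print the 10-character mode string of a path, e.g. "drwx------".
mode_of() {
    ls -ld "$1" 2>/dev/null | cut -c1-10
}

# Server side: home folder, .ssh and authorized_keys must not be writable
# by group (mode character 6) or others (mode character 9).
# Prints each offending path and returns 1 if any check fails.
check_server_side() {
    home_dir=$1
    rc=0
    for p in "$home_dir" "$home_dir/.ssh" "$home_dir/.ssh/authorized_keys"; do
        if [ ! -e "$p" ]; then
            echo "missing: $p"; rc=1; continue
        fi
        case "$(mode_of "$p")" in
            ?????w*|????????w*)
                echo "group/other writable: $(mode_of "$p") $p"; rc=1 ;;
        esac
    done
    return "$rc"
}

# Client side: the private key must grant nothing to group or others.
check_private_key() {
    [ -f "$1" ] || { echo "missing: $1"; return 1; }
    case "$(mode_of "$1")" in
        ????------) return 0 ;;
        *) echo "too open: $(mode_of "$1") $1"; return 1 ;;
    esac
}

# Usage (script name is hypothetical): sh check_perms.sh /home/user
if [ $# -gt 0 ]; then
    check_server_side "$1"
fi
```

Run the server-side check on the server against the home folder of the user you log in as, and check_private_key on the connecting computer against the private key file.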
Setting up a profile for the server
To make it easier to enter the details of the server such as the IP address, you may associate a nickname with the server and connect with ssh nickname.
The details are added to a file called config in the .ssh folder. The format of the entry is as follows:
Host nickname
    Hostname 192.168.1.22
    User admin
    IdentityFile ~/.ssh/server_name
Of course, add the correct IP address for your server and the username of the home directory user that you are logging in as. The IdentityFile is the private key file on your PC associated with the public key on the server.
You may add many entries to this file for various servers that you want to connect to.