How to setup an SSH login using host keys instead of a password.

Posted: July 24, 2017. At: 9:08 AM. This was 5 months ago. Post ID: 10980
Page permalink.
WordPress uses cookies, or tiny pieces of information stored on your computer, to verify who you are. There are cookies for logged in users and for commenters. These cookies expire two weeks after they are set.

To setup an SSH login on your Linux machine that does not require a password and uses SSH host keys instead, follow this simple guide.

Firstly, generate a set of keys for your SSH login.

ubuntu ~/Documents $ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/ubuntu/.ssh/id_rsa): /home/ubuntu/Documents/id_rsa
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/ubuntu/Documents/id_rsa.
Your public key has been saved in /home/ubuntu/Documents/
The key fingerprint is:
51:da:f2:4a:b0:45:3d:5c:97:67:22:c1:52:6b:df:df ubuntu@darkstar
The key's randomart image is:
+--[ RSA 2048]----+
|        .o.++... |
|       . += ooo o|
|      . = .oo. + |
|       + + . . . |
|      . S .   . .|
|       . .      o|
|        .       E|
|                 |
|                 |

Then copy the contents of the file into the ~/.ssh/authorized_keys file on the server that you wish to be able to access.

cat >> ~/.ssh/authorized_keys

After this logging into the SSH server using only the keys for access should work. This is how easy it is to set this up.

jason@localhost ~ $ ssh -i ServerWOPR.pem ubuntu@ -p 22

This option in the /etc/ssh/sshd_config configuration file will allow you to disable password authentication once the key configuration is verified as working.

# Change to no to disable tunnelled clear text passwords
PasswordAuthentication no

And now the SSH configuration on your server will be more secure, just make sure the keys are not stolen.

Very old CRT terminal.
Very old CRT terminal.

No comments have been made. Use this form to start the conversation :)

Leave a Reply