Password-Less SSH Access to Your Linux Machine or Raspberry Pi Using Public Keys
If you are logging in and out of a Linux machine, especially a Raspberry Pi on your local network, it can be a pain to keep entering a password. The longer and more secure your password, the more of a pain it can be. If only there was a secure but convenient alternative ...
Well, there is!
SSH and Public Keys
What we are going to do is set up a trusted kind of authentication for our shell access between the two computers. Technically we are creating what is called a "2048 bit RSA key pair". A bit like a super-password that you don't have to type in every time :)
The Steps
First, we need to see if you already have a key on your local machine by logging into your local terminal and using:
ls ~/.ssh
If you don't see a .pub file then you need one extra step. Enter:
ssh-keygen
to create one (just accepting the defaults is fine as prompted, unless you are more knowledgeable). You will get a couple of new files.
id_rsa.pub is your public key, which is what you share with the world.
Keep any other files private, especially your id_rsa, which is your private key.
Next, you need to output your file to the terminal so you can copy it to your clipboard, or you can FTP it up to the server if that is easier.
cat ~/.ssh/id_rsa.pub
Copy and paste to the terminal as part of this command:
echo ssh-rsa [YOUR COPYPASTE HERE] >> ~/.ssh/authorized_keys
This appends the key to your Authorized Keys file, essentially saying you get to log in without entering a password in future :)
(If the directory does not exist then mkdir ~/.ssh
and try again)
Finally, set the permissions:
chmod 600 ~/.ssh/authorized_keys
That's it, you should now have freedom from passwords, at least between those two SSH terminals ;)
- Image Source: BigStock
Posted from my blog with SteemPress : https://makerhacks.com/ssh-linux-raspberrypi-public-keys/
I always use keys with SSH, and always turn off ssh password auth. Especially on servers that are open to the Internet.
Also
chmod 700 ~/.ssh
to make sure the .ssh directory is only writeable by you.Have a look at the command:
To hear the speech version of this post click the play image.
Brought to you by @tts. If you find it useful please consider upvote this reply.
Better to type in password often, what if your machine stole or another user get an access your super user now is on the risk.
If someone gets physical access to my machine and manages to log into it then I have bigger problems than my dev server being logged into ...
Interesting information........
Please upvote my comment and post......
Here are some links for those interested that are related to this post:
https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys--2
https://www.digitalocean.com/community/tutorials/ssh-essentials-working-with-ssh-servers-clients-and-keys
This series of tutorial from the funtoo guys is very cool if you want to understand the topic in more depth:
https://www.funtoo.org/OpenSSH_Key_Management,_Part_1
https://www.funtoo.org/OpenSSH_Key_Management,_Part_2
https://www.funtoo.org/OpenSSH_Key_Management,_Part_3