In this article, we describe how to set up an SSH login that does not use passwords on Ubuntu 22. Having a login without a passsword is an easy and convienevt way to SSH into a computer without have to remember any password as well as the added layer of security.

SSH is ideal for managing remote systems because of its password-less option that uses public/private keys instead of passwords, keeping system passwords safe.

This article uses ssh-copy-id, a utility that greatly simplifies the procedure by copying the local host’s public key to the remote host’s authorized keys file and by verifying file permissions and ownership.

 

The following steps show how to setup password-less SSH login:

Generating a key pair

Start by generating a key pair. A key pair includes a .pub (public key) that you share with remote computers and a private key that you never share. You can generate the key pair by using the command below and following the prompts, usually just pressing enter the whole time, make sure you do not enter a passphrase:

ssh-keygen -t rsa

The following below is an example of the output of the command:

[root@lz .ssh]# ssh-keygen -t rsa 
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): /root/.ssh/my_id 
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/my_id.
Your public key has been saved in /root/.ssh/my_id.pub.
The key fingerprint is:
1c:ee:bb:76:b2:42:34:02:e2:85:b6:c9:a5:01:d5:f7 root@lz.test-server.com
The key's randomart image is:
+--[ RSA 2048]----+
|  ..o            |
|...o . .         |
|..o.. . o        |
| . ...oo E       |
|  . ooo.S        |
|   + o..         |
|    ..  .        |
|      . o..      |
|       .+*       |
+-----------------+

Verify Keys

Navigate to the directory in which you created the keys and confirm that the above command has succeeded. The output below is what it would look like when your have successfully created the keys:

[root@lz .ssh]#cd /root/.ssh/ 
[root@lz .ssh]# ls 
id_dsa      identity      id_rsa      jlan         my_id      test
id_dsa.pub  identity.pub  id_rsa.pub  known_hosts  my_id.pub  test.pub
[root@lz .ssh]#

Copy Public Key to Target System

In this next step, we copy the public key that we generated in the steps above to the target system to allow us to log in successfully. The destination system is lz-dest2 in the example below, copy it to the system that you want password-less SSH access to, which in this example is lz-dest2.

[root@lz .ssh]# ssh-copy-id -i my_id.pub root@lz-dest2

Test Login

At this point you should now be able to login into the remote machine without a password. The command below allows you to try to do just that:

[root@cae .ssh]# ssh lz-dest2 
Last login: Sat Oct  2 11:37:55 2010 from lz.test-server.com [root@lz-dest2- ~]#

That’s it. You should be able to login now going forward. Is some cases, on systems where the public key is disabled which is used for passwordless , check the configuration file named /etc/ssh/sshd on the target computer for the following settings:

RSAAuthentication yes
PubkeyAuthentication yes

While this is conviniet and secure, anyone with access to the computer with the SSH key would be able to log into the target computer. It’s still generally considered secure than typing your password in regularly.

By faiz

Tinggalkan Balasan

Alamat email Anda tidak akan dipublikasikan. Ruas yang wajib ditandai *