Passwordless ssh login

Intro

In this article, we are going to set up passwordless ssh login from your local computer to your remote vps instance. In order to do that, in our vps instance, we'll create a new user, generate ssh keys and we may need to generate ssh keys in our local computer too if we don't have a pair of ssh keys yet.

Remote VPS instance

Let's create a new user first:

  >> adduser example_user

and add user to sudo group

>> adduser example_user sudo

Let's try to sign in to our VPS instance with example_user but we'll need to use password this time:

>> ssh example_user@ipv4

Generate ssh keys in order to harden access

Generate ssh keys in our remote vps instance:

>> ssh-keygen -b 4096

View the pub and private keys:

>> cat ~/.ssh/id_rsa.pub
>> cat ~/.ssh/id_rsa

Now we have ssh keys ready in our remote vps instance so we will need to generate ssh keys for our local computer too if we don't have one yet.

Local computer ssh setup

Generate ssh keys in our local computer:

>> ssh-keygen -b 4096
>> cat ~/.ssh/id_rsa.pub

Upload public key to remote vps instance

Upload public key from our local computer to remote vps instance so we won't need to use password for ssh login:

>> ssh-copy-id example_user@ipv4

Let's try to sign in again via ssh but this time you won't need to use password:

>> ssh example_user@ipv4

SSH Daemon Options

Let's disable PermitRootLogin and PasswordAuthentication in our remote vps instance in order to harden access:

>> nano /etc/ssh/sshd_config

set value for PermitRootLogin and PasswordAuthentication to no:

# Disallow root logins over SSH
PermitRootLogin no

# Disable password login
PasswordAuthentication no
ChallengeResponseAuthentication no

# To listen only on IPv4
AddressFamily inet

And now we need to restart ssh service to apply the config changes that we made:

>> sudo service sshd restart || sudo systemctl restart sshd

Ref => Getting Started with Linode

Ref => Securing Your Server

Ref => 2 Simple Steps to Set up Passwordless SSH Login on Ubuntu

Go Back.