- To set up passwordless SSH login between two servers, typically with public key authentication, follow these steps:
-
Generate an RSA key pair on the server you’re copying from:
ssh-keygen -t rsa -b 4096 -C "username@hostname" -
Copy the public key to the destination server using
ssh-copy-id:ssh-copy-id user@destination-serverOr, if
ssh-copy-idis not available, manually copy the public key from your local.ssh/id_rsa.pubfile:cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys chmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys chown -R `whoami`:`whoami` ~/.ssh -
Add the destination server to your local
/etc/hosts.deny(optional):: deny from allThis helps prevent any unauthorized logins.
-
Configure
sshd_configon the destination server if necessary, such as settingPermitRootLoginandPasswordAuthentication, which you might want to disable for security reasons:sudo cat << EOF > /etc/ssh/sshd_config # Custom configuration options... PasswordAuthentication no PermitRootLogin no # ... EOF
5. **Restart the SSH service** on both servers:
sudo systemctl restart sshd
Now, you should be able to log in from one server to another using just your private key:
ssh user@destination-server
You'll be prompted once to confirm the public key fingerprint on the destination server. After that, SSH login will be passwordless.
**Note**: The specific commands might vary slightly based on your Linux distribution and version or if you're running macOS or Windows using Cygwin, Git Bash, etc. Always refer to your system's documentation for precise steps.