How-To SSH Key Authentication & Password-less Logins

Copying SSH keys from machine-to-machine allows for authentication without having to enter a password. This is very useful for running scripts and cronjobs, or any automated task where secure shell access to remote machines are required. It also has the benefits of been more secure because the keys are hard to crack.

How does passwordless authentication work?

Basically, you generate two long random alphanumerical strings one for the public key and one for the private key. For the authentication to work, the private key is required to unlock the public key by matching the keys as a pair and giving access to the desired machine or service.

Generating the keys

Firstly login to your linux box (can be any distro Ubuntu, Debian, CentOS, Redhat etc) and issue the following command;

ssh-keygen -t rsa -b 4096

The entire key generation process looks like this;

ssh-keygen -t rsa -b 4096

Generating public/private rsa key pair.
Enter file in which to save the key (/home/dominictaylor/.ssh/id_rsa): [PRESS ENTER]
Enter passphrase (empty for no passphrase): [PRESS ENTER]
Enter same passphrase again: [PRESS ENTER]
Your identification has been saved in /home/dominictaylor/.ssh/id_rsa.
Your public key has been saved in /home/dominictaylor/.ssh/id_rsa.pub.
The key fingerprint is: 4a:dd:0a:c6:35:4e:3f:ed:27:38:8c:74:44:4d:93:67 dominictaylor@ubuntu01
The key's randomart image is:
+--[ RSA 2048]----+
|       o=.       |
|    o  o++E      |
|   + . Ooo.      |
|    + O B..      |
|     = *S.       |
|      o          |
|                 |
|                 |
|                 |
+-----------------+
The public key is now located in /home/dominictaylor/.ssh/id_rsa.pub
The private key (identification) is now located in /home/dominictaylor/.ssh/id_rsa

Copy SSH Keys from Host to Host

Once the key pair is generated, it's time to place the public key on the virtual server that we want to use. We do this because the Private Key is secret to us, hence the public key is stored on our server.

You can copy the public key into the new machine's authorized_keys file with the ssh-copy-id command;
(Remember to Change Port, Username & Hostname)

ssh-copy-id -p 22 username@hostname

EXAMPLE

ssh-copy-id -p 922 dominictaylor@ubuntuserver

Alternatively, if ssh-copy-id isn't installed then you can use the following command;
(Remember to Change Port, Username & Hostname)

cat ~/.ssh/id_rsa.pub | ssh -p 22 username@hostname "mkdir ~/.ssh; cat >> ~/.ssh/authorized_keys"
    
EXAMPLE

cat ~/.ssh/id_rsa.pub | ssh -p 922 dominictaylor@ubuntuserver "mkdir ~/.ssh; cat >> ~/.ssh/authorized_keys"

Getting folder already exists error? This means there is already a folder named authorized_keys so all we do then is just copy the file;
(Remember to Change Port, Username & Hostname)

cat ~/.ssh/id_rsa.pub | ssh -p 22 username@hostname "cat >> ~/.ssh/authorized_keys"
    
EXAMPLE

cat ~/.ssh/id_rsa.pub | ssh -p 922 dominictaylor@ubuntuserver "cat >> ~/.ssh/authorized_keys"

To copy the key to the clipboard for pasting then you may use the following command

cat ~/.ssh/id_rsa.pub | pbcopy