Usually we can log in ssh with a login and password.
But in this article we will try something different:
how to make a login without a password?
In fact we will log in with what is called an SSH key, which will be stored on our machine and will prevent us from re-entering the password each time.
KEY COUPLE
We need a couple of keys : a private key and another public key which are linked by a mathematical process. The private key must never be communicated and must be kept secret. The public key can be exchanged with anyone. In fact, the goal will be to put it on the server on which we want to connect.
CREATE A KEY
To create a key, open the terminal and enter the command below, the parameter t specifies the type of encryption and the parameter b the number of bits.
ssh-keygen -t rsa -b 4096The program will ask you for a file name, by convention “id_rsa” is used, but you can name your key pair as you wish.
Then you have to enter a passphrase, a kind of password in case you have several users on your machine, so that they cannot use your own keys. For the example, leave blank by simply pressing enter, and also confirm the passphrase check.
key pair has been created!
PUBLIC KEY
Before we can start connecting with the new SSH key generated, we obviously need to add the public key on the server. The ssh-copy-id command will allow us to place the public key on the remote server, with the -i parameter it allows us to specify the identity file.
ssh-copy-id -i ~/.ssh/test_rsa.pub user_ssh@192.168.20.211ps: replace user_ssh with your user ssh and the IP 192.168.20.211 with the IP of your server
Enter the password and confirm the addition of the key, we should see the following message appear.
We have to check that the key is correctly installed, so let´s connect in ssh on the server and go to where the keys are stored.
cd .sshWe should see the authorized_keys file, a little bit of VIM to see what’s inside.
vim authorized_keysIf everything work well , we should find the contents of our public key in this file, it looks like something like that.
CONFIGURE THE CONNECTION
Now that everything is ready, Let us configure the connection with our private key. let´s go to the .ssh folder and edit the config file.
under Linux , let´s do it with vim
vim ~/.ssh/configLet´s add a Host with the name we want (eg: tapion), and specify three options, the User which is the SSH user we use to connect, the Hostname which is the IP address of the server or the domain name and finally the IdentifyFile which is the path to our private key.
LOG IN
ssh tapionreplace “tapion” with the name of our host
We just succeeded in configuring an SSH connection on a server. Now we no longer have to enter password to log in, it is the program that will use our private key to log in.