Configure Key-based Authentication
General Information
SSH key based authentication (password-less).
Lab Setup
The following virtual machines will be used:
- server1.example.com (192.168.1.150) → The SSH client
- server2.example.com (192.168.1.151) → The SSH server
SSH Key Creation and Distribution
Key based authentication involves a private and public key.
The private key stays on the source system, the public key is distributed to all remote systems.
Generate the private/public key pair.
ssh-keygen
- RSA is the default key type
- Prompted for file to save private key (~/.ssh/id_rsa)
- Prompted for file to save public key (~/.ssh/id_rsa.pub)
Copy the public key to a remote system
ssh-copy-id myserver
- Prompted for password login
- Next normal ssh login will be password-less
Key Pair with Passphrase
If you created the key pair with a passphrase, it is useful to cache the passphrase for a bash session to avoid re-entering it for each ssh connect.
Start the ssh-agent for the current shell
ssh-agent bash
Add the passphrase
ssh-add
- Prompted for the ssh key passphrase
Connect as normal with ssh, you should not be prompted for a password if the public key has already been copied to the remote server.