[Linux] Use SSH-KEY to login to SSH

Managing multiple Linux hosts can be troublesome when dealing with a large number of login passwords. Using SSH-KEY for logging into servers can effectively solve this problem. The following are the steps to achieve passwordless login to SSH using SSH-KEY. One set of SSH-KEY can be used for all servers.

  1. Use ssh-keygen to create the public and private keys for logging into remote SSH servers.

ssh-keygen -t [rsa|dsa] -C "comments"

-t can be used to choose between RSA and DSA keys

-C is optional for adding comments

After pressing enter, two files will be created in the ~/.ssh directory: id_dsa (private key) and (public key). Make sure to securely store the private key.

  1. Copy the public key to the corresponding user's ~/.ssh/ directory on the server.

  2. Execute the following command in the ~/.ssh/ directory of the server user:

cat >> authorized_keys

For the first time, use:

chmod 600 authorized_keys

Note that for security reasons, authorized_keys must have 600 permissions.

  1. Modify /etc/ssh/sshd_config to confirm if the public key authentication mode of SSHD is enabled:

# Allow public key authentication. Only applicable for SSH-2.
PubkeyAuthentication yes|no # Enable for SSH-2

Allow pure RSA public key authentication. Only applicable for SSH-1.

RSAAuthentication yes|no # Enable for SSH-1

  1. Exit the remote server and try logging in again:


  1. Modify /etc/ssh/sshd_config to disable password authentication for SSHD if needed:

Allow password-based authentication.

PasswordAuthentication yes|no

Allow challenge-response authentication.

ChallengeResponseAuthentication yes|no

  1. For MACOS systems, configure SSH connections locally by opening ~/.ssh/Config and editing the file. If it doesn't exist, create a new file.

Port 22
User root

Set preferred authentication method to public key

PreferredAuthentications publickey

Set the location of the private key file

IdentityFile ~/.ssh/id_dsa


Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.