SSH Login Without a Password

Before we get going, we need to get set up. So first, make sure you have access to a shell. On many unix platforms, you can use an app called Terminal, on Windows you can use PowerShell.

This may go without saying, but we must have a user configured (with SSH access) on a remote server. If you have a login user, make sure you know the username and password. For the remainder of this guide we'll use the following variables $USER and $PASSWORD to identify the credentials on the remote server. You can set these variables in your shell session to make copying and pasting these commands easier.

Obviously, replace the values with your own.

Linux + macOS

USER=remoteuser
PASSWORD=remotepassword
REMOTE=192.168.1.34

Windows

Before you can ssh into a server with PowerShell, you need to install OpenSSH. Open PowerShell as an administrator, and run the following command.

Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0

To remote into a server using ssh with PowerShell, run the following command with your username and server address. You don't need an administrator instance of PowerShell to complete this step.

ssh $USER@$REMOTE

You will be prompted for a password.

To get started, we'll need to generate SSH keys. I'll cover the basic instructions in this step, but you can follow the linked guide for more details.

Linux + macOS

Open a shell, and type the following:

ssh-keygen -t rsa

You'll be asked for a location and passphrase. Unless you need to do otherwise, just use the default location and skip the passphrase. Hit enter when both prompts appear to continue.

Windows

Open PowerShell and run the following:

ssh-keygen

The keys will be generated in the specified directory, usually C:\Users\Your_Username/.ssh. You will be prompted to create a passphrase, but it isn't required.

To add the keys to the local Windows 10 keystore, run the following:

Start-Service ssh-agent
ssh-add .\.ssh\id_rsa

Now we'll copy the public key to the remote server:

Linux + macOS

scp ~/.ssh/id_rsa.pub $USER@$REMOTE:

Windows

PowerShell doesn't have a file transfer protocol built into it. You will need to move the public key to the remote server using a third-party application like PuTTY or WinSCP.

ssh $USER@$REMOTE

This should be the last time you have to enter your password.

Now we'll need to move the contents of our public key to a new location, and delete the original key file.

cat id_rsa.pub >> .ssh/authorized_keys
rm id_rsa.pub

You might need to create the .ssh directory. If so, run the following before the commands above:

mkdir .ssh

It's essential that .ssh and authorized_keys have the correct set of permissions, otherwise login will fail. The .ssh directory should be 700 (meaning the user has full permissions, while group and global users do not). The authorized_keys file should be 600 (meaning the user can read and write, but group and global users have no access).

chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

Now, our work is done, and we can log out.

logout

Next time you SSH in to this remote machine, you should not be prompted for a password!

ssh $USER@$REMOTE