Home SSH How To Set Up SSH Public and Private Key in Linux

How To Set Up SSH Public and Private Key in Linux

SSH or Secure Shell Protocol is a cryptographic network protocol that is used to securely access a remote machine from another computer over an unsecured network via the command line. With SSH, you can execute commands on remote Linux systems and servers, send/transfer files, and normally manage everything you do from one place.

When you are operating with multiple Linux servers in various locations, or if you are just trying to save some ideal time accessing these servers, you will want to use an SSH public and private key pair to make life much easier by logging into remote machines and running commands without entering passwords. Also, the SSH key pairs are more secure as they are not vulnerable to common brute-force password hacking attacks.

[ You might also like: How to Restrict SSH Access to Certain Users in Linux ]

In this article, you will learn the process of creating the SSH keys and setting up your Linux servers for easy remote passwordless access with said keys.

Step 1 – Creating the SSH Key Pair

The first step is to login into your local Linux machine and create an SSH key pair using the following command into your local command line:

$ ssh-keygen -t rsa

Which will display the following:

Generating public/private rsa key pair.
Enter file in which to save the key (/home/ravi/.ssh/id_rsa):

Here, you can press ENTER to keep the files to the default location in the .ssh directory. Alternately, you can pick a different file name or location by typing it after the prompt and hitting ENTER.

Next the system will ask you to enter a passphrase:

Enter passphrase (empty for no passphrase):

While a passphrase is not required, but it’s up to you whether you want to use a passphrase or not. If you want to use it, you should mention a passphrase to protect the key from unauthorized use. When you mention a passphrase, you must enter the passphrase to connect to the system.

Enter again to proceed to generate a private key without a passphrase:

Enter the same passphrase again: 

You now should have an RSA type public and private key pair in your /home/ravi/.ssh directory:

$ ls -l .ssh/
Create SSH Key Pair
Create SSH Key Pair

Step 2 – Copying the SSH Public Key to Your Server

Once the SSH key pair is created, it is time to copy the public key (id_rsa.pub) on the server that you are going to be accessing under the server’s authorized_keys file with the ssh-copy-id command as shown. Make sure to change the username and IP address of your server:

$ ssh-copy-id [email protected]
Copy SSH Public Key Server
Copy SSH Public Key Server

Once the key is copied, you will be able to log into the server without being prompted for a password. However, if you set a passphrase while creating your SSH key, you will be asked to provide the passphrase at that time.

Step 3 – Connect to Server Without SSH Password

Now try to log into the remote server, it will place you on the command line in your home directory without prompting you for a password or passphrase:

$ ssh [email protected]
Login to Server Without Password
Login to Server Without Password

Make sure to check the following permissions are applied on the .ssh/ directory and .ssh/authorized_keys file.

$ chmod 700 .ssh/ 
$ chmod 600 .ssh/authorized_keys
Check SSH Key Permissions
Check SSH Key Permissions

In this article, you have learned how we created an SSH key pair, copied our public key to a server, and accessed the server without a password.

Ravi Saive
I am an Experienced GNU/Linux expert and a full-stack software developer with over a decade in the field of Linux and Open Source technologies. Founder of TecMint.com, LinuxShellTips.com, and Fossmint.com. Over 150+ million people visited my websites.

Each tutorial at UbuntuMint is created by a team of experienced writers so that it meets our high-quality standards.

Was this article helpful? Please add a comment to show your appreciation and support.

Got something to say? Join the discussion.

Thanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published or shared. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.