When we work with remote servers, the most common way to connect is through SSH (Secure Shell). If you’ve ever managed Linux servers or deployed applications, chances are you’ve used it.
In this article, we’ll walk through what SSH is, how to use it for login, and finally how to set up password-less login across multiple servers.
What is SSH?
SSH (Secure Shell) is a protocol that let us securely connect to another machine over an insecure network. It’s widely used by developers, system admins, and DevOps engineers to:
- Log in to remote servers
- Run commands
- Transfer files
- Manage systems securely
Unlike older methods like Telnet, SSH encrypts all communication. This means our credentials and data are safe from eavesdropping.
How to Log In Using SSH
The basic syntax of an SSH login is:
ssh username@hostname
-
username→ the user account on the remote server -
hostname→ the server’s IP address or domain name
Example
If we have a server at 172.16.238.10 with a user tony:
ssh tony@172.16.238.10
You’ll be prompted to enter the password for that user. Once authenticated, you’ll get a shell on the remote machine.
The Problem with Passwords
Typing a password every single time quickly becomes annoying, especially when we need to log into multiple servers or run automation scripts. Passwords also pose security risks if they are weak or reused.
This is where SSH keys come in.
Password-less SSH Login
SSH keys allow us to authenticate without typing a password. The idea is simple:
- Generate a pair of keys on our local machine (private + public).
- Copy the public key to the remote server.
- When we connect, the server verifies our private key against the stored public key.
If they match, we can login without any password.
Step 1: Generate SSH Keys
On the client machine (in our case, the jump host with user thor):
ssh-keygen -t rsa -b 4096
- Press Enter to accept the defaults.
- Leave the passphrase empty (important for automation).
This creates two files:
-
~/.ssh/id_rsa→ your private key (keep it safe!) -
~/.ssh/id_rsa.pub→ your public key (share this with servers)
Step 2: Copy the Public Key to the Server
To enable password-less login, copy the public key to the server:
ssh-copy-id -i ~/.ssh/id_rsa.pub username@hostname
Example
For a server at 172.16.238.10 with user tony:
ssh-copy-id -i ~/.ssh/id_rsa.pub tony@172.16.238.10
You’ll be asked for the password one last time. After that, you’ll be able to log in without it.
Step 3: Log In Without a Password
Now test it:
ssh tony@172.16.238.10
This time we can connect directly, without any password prompt.
Real-World Example: Multiple App Servers
Here’s a real setup where we had to configure password-less login for a jump host user (thor) to multiple application servers.
| Server Name | IP | Hostname | User | Password | Purpose |
|---|---|---|---|---|---|
| stapp01 | 172.16.238.10 | stapp01.stratos.xfusioncorp.com | tony | Ir0nM@n | Nautilus App 1 |
| stapp02 | 172.16.238.11 | stapp02.stratos.xfusioncorp.com | steve | Am3ric@ | Nautilus App 2 |
| stapp03 | 172.16.238.12 | stapp03.stratos.xfusioncorp.com | banner | BigGr33n | Nautilus App 3 |
We ran:
ssh-copy-id -i ~/.ssh/id_rsa.pub tony@172.16.238.10
ssh-copy-id -i ~/.ssh/id_rsa.pub steve@172.16.238.11
ssh-copy-id -i ~/.ssh/id_rsa.pub banner@172.16.238.12
Now, the thor user can log in to all app servers without typing passwords.
Password-less sudo
Sometimes, our scripts need sudo privileges. By default, sudo asks for a password. We can configure users for password-less sudo.
On each app server, edit the sudoers file:
sudo visudo
Add:
username ALL=(ALL) NOPASSWD:ALL
Replace username with tony, steve, or banner.
Conclusion
- Automate scripts
- Manage multiple servers with ease
- Strengthen security with keys over passwords
Top comments (1)
👍💯