DEV Community

Cover image for Setting Up Passwordless Authentication on Servers Using Public Keys and Passwords
Onifade Julius
Onifade Julius

Posted on

Setting Up Passwordless Authentication on Servers Using Public Keys and Passwords

Passwordless authentication is a fast way of connecting to remote servers in a secure and fast manner. It helps solve the issue of forgotten password or password being compromised. Passwordless authentication can be done via ssh keypairs or configured passwords.

This guide shows the step by step process of how I set it up using public key and password automation

1. Setting Up Passwordless Authentication Using Public Keys

Password Authentication relies on pair of keys both public and private> . The public key is stored on the server, while the private key remains on the client machine. The process involves matching the private key to the public key, allowing access without the need for a password.

Step 1: Generate SSH Key Pair

Generate an SSH key pair on the from which you’ll be connecting to the server.

ssh-keygen -t rsa -b 4096
Enter fullscreen mode Exit fullscreen mode

Image description

You will be asked to input a file location and passphrase. Press Enter to accept the default location and to also leave the passphrase empty

Step 2: Give the Keypair File read and write command

chmod 600 <PATH to pem file> 
Enter fullscreen mode Exit fullscreen mode

This changes the permission of the pem file to read and write

Step 3: Copy Public key to Remote Machine

ssh-copy-id -f "-o IdentityFile <PATH TO PEM FILE>" ubuntu@<INSTANCE-PUBLIC-IP> 
Enter fullscreen mode Exit fullscreen mode

Image description

ssh-copy-id: This is the command used to copy your public key to a remote machine.
-f: This flag forces the copying of keys, which can be useful if you have keys already set up and want to overwrite them.
"-o IdentityFile ": This option specifies the identity file (private key) to use for the connection. The -o flag passes this option to the underlying ssh command.
ubuntu@: This is the username (ubuntu) and the IP address of the remote server you want to access.

Then you would be asked to input this command.

ssh -o  'IdentityFile <PATH TO PEM FILE>' 'ubuntu@<INSTANCE-PUBLIC-IP>' 
Enter fullscreen mode Exit fullscreen mode

Image description

You have not successfully access the remote machine. To see if it would work when you try it again you can

exit
Enter fullscreen mode Exit fullscreen mode

Step 3: Test Passwordless Authentication

Whenever you want to log in to the machine subsequent time use,

ssh username@server_ip_address
Enter fullscreen mode Exit fullscreen mode

If everything is configured correctly, you should be able to log in without being prompted for a password.


2. Setting Up Passwordless Authentication Using Password

While SSH key authentication is more secure, there are cases where password-based automation is required, such as in legacy systems or automation scripts.

You can manually connect or log into your instance or server.

Step 1: Access the sshd_config file

sudo vim /etc/ssh/sshd_config.d/60-cloudimg-settings.conf
Enter fullscreen mode Exit fullscreen mode

Step 2: Update Password Authentication

Change the password authentication to YES

Image description

Step 3: Restart SSH

You restart the ssh to make the new changes take effect by running the command

sudo systemctl restart ssh
Enter fullscreen mode Exit fullscreen mode

Step 4: Set Password

You set password that you would be asked subsequent when you want to log into that machine running the command.

sudo passwd ubuntu
Enter fullscreen mode Exit fullscreen mode

Image description

Let's confirm that the password is set.

exit 
Enter fullscreen mode Exit fullscreen mode
ssh-copy-id ubuntu@<INSTANCE-PUBLIC-IP>
Enter fullscreen mode Exit fullscreen mode

You would then be asked to input the set password you created above, after then you would run the command

ssh 'username@server_ip_address'
Enter fullscreen mode Exit fullscreen mode

This method is generally not recommended for production environments due to security risks of storing plaintext passwords, but it can be useful for automated tasks in controlled environments.

NOTE

  • Use SSH Keys: Public key authentication is more secure and should be preferred over password-based methods.

5. Conclusion

Passwordless authentication is a key feature in securing and ensuring fast server access. Using public keys is the recommended method for passwordless SSH logins due to its enhanced security and ease of use.
By following the steps in this guide, you can set up secure passwordless authentication on your servers and improve your overall workflow efficiency.

Top comments (0)