This article assumes that the host name of server is “server1.techpulp.com” and that of client machine is “client1.techpulp.com“. You can replace these with your own domain names or IP addresses to suit your needs.

Login to the server system to which you would like password-less login.

[neo@client1 ~]$ ssh neo@server1.techpulp.com
neo@server1.techpulp.com's password:
[neo@server1 ~]$

Generate a RSA key pair in the server as shown below. Just press ENTER key when it prompts for passphrase. The following example may be exactly as shown below and may vary based on the version of ssh-keygen present in your server system. But it prompts you for same input as shown below. Basically it generates two files “id_rsa” and “id_rsa.pub“.

[neo@server1 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/neo/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/neo/.ssh/id_rsa.
Your public key has been saved in /home/neo/.ssh/id_rsa.pub.
The key fingerprint is:
31:07:e7:70:71:ea:41:40:c0:f8:39:52:0a:f8:96:b4 neo@server1.techpulp.com
The key's randomart image is:
+--[ RSA 2048]----+
| .   o.o=.=..    |
|. o . o  B o     |
| o + + .o =      |
|  E o +  = .     |
| .   . .S .      |
|                 |
|                 |
|                 |
|                 |
+-----------------+
[neo@server1 ~]$

Now append id_rsa.pub to your authorized_keys file a shown below. Note that you are still doing this in the server system.

[neo@server1 ~]$ cd ~/.ssh
[neo@server1 ~]$ cat id_rsa.pub >> authorized_keys
[neo@server1 ~]$ chmod 600 authorized_keys

Now logout of the server and come back to the client system. Then copy the “id_rsa” file from the server system to client system in a specific directory as shown below.

[neo@server1 ~]$ exit
[neo@client1 ~]$ mkdir -p ~/.ssh
[neo@client1 ~]$ cd ~/.ssh
[neo@client1 .ssh]$ scp neo@server1.techpulp.com:.ssh/id_rsa ./
neo@server1.techpulp.com's password:
.ssh/id_rsa                                          100% 2587     2.5KB/s   00:00
[neo@client1 .ssh]$ chmod 600 id_rsa

That’s it. Now you are all set to try password-less login to the server system. But remember the file “id_rsa” is a secret file and it is not supposed to be accessible to anyone else. If someone gets your “id_rsa” file, they can also login to the server without password as you do. That is the reason behind changing the access permissions of that file to 600.

Now let us test the password-less login from client1 to server1. The same applies to any file transfer using “scp” or “sftp“.

[neo@client1 ~]$ ssh neo@server1.techpulp.com
[neo@server1 ~]$