Public-key authentication allows you to access a server without needing a password. To enable this, copy your SSH public key to the server's authorized_keys file in the user's ~/.ssh directory. This setup enables secure and passwordless logins.
The most efficient way to copy your SSH key to the server is by using the ssh-copy-id command. This method automates the process and ensures that the key is correctly added. You can also manually copy the public key if needed by editing the authorized_keys file directly on the server.
Ensuring your SSH key is properly added to the server is important for maintaining secure access. Once the key is in place, you can log in and run commands without entering a password, which is especially useful for automated tasks.
Steps to copy SSH public key to server using ssh-copy-id:
- Open the terminal on your local machine.
- Locate your SSH public key in the ~/.ssh directory.
$ ls ~/.ssh/id* /home/user/.ssh/id_rsa /home/user/.ssh/id_rsa.pub
The public key is normally the one with the .pub extension.
- Verify that the key is in the OpenSSH format.
$ file .ssh/id_rsa.pub .ssh/id_rsa.pub: OpenSSH RSA public key
authorized_keys file accepts public keys in OpenSSH format.
- Use the ssh-copy-id command to add the public key to the server.
$ ssh-copy-id user@remote-host The authenticity of host 'remote-host (192.168.111.135)' can't be established. ECDSA key fingerprint is SHA256:hXGpY0ALjXvDUDF1cDs2N8WRO9SuJZ/lfq+9q99BPV0. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 2 key(s) remain to be installed -- if you are prompted now it is to install the new keys user@remote-host's password: Number of key(s) added: 2 Now try logging into the machine, with: "ssh 'user@remote-host'" and check to make sure that only the key(s) you wanted were added.
If you want to use other public key rather that then one in the default location, use the -i option.
$ ssh-copy-id -i ~/.ssh/other_key.pub user@remote-host
- Test the connection to the server using your SSH key.
$ ssh -i .ssh/id_rsa user@remote-host Welcome to Ubuntu 19.04 (GNU/Linux 5.0.0-20-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage System information as of Sat Jun 29 11:31:23 UTC 2019 System load: 0.16 Processes: 211 Usage of /: 25.8% of 19.56GB Users logged in: 1 Memory usage: 13% IP address for ens33: 192.168.111.135 Swap usage: 0% * MicroK8s 1.15 is out! It has already been installed on more than 14 different distros. Guess which ones? https://snapcraft.io/microk8s 0 updates can be installed immediately. 0 of these updates are security updates. Last login: Sat Jun 29 11:08:20 2019 from 192.168.111.1
Alternative methods:
- Manually append your public key to the remote SSH server's key to authorized_keys file. For example, copy the content of your ~/.ssh/id_rsa.pub to the server's ~/.ssh/authorized_keys file.
- Using the following command combination
$ cat ~/.ssh/id_rsa.pub | ssh user@remote-host 'cat >> ~/.ssh/authorized_keys'
Mohd Shakir Zakaria is an experienced cloud architect with a strong development and open-source advocacy background. He boasts multiple certifications in AWS, Red Hat, VMware, ITIL, and Linux, underscoring his expertise in cloud architecture and system administration.
Comment anonymously. Login not required.