Enabling Remote System Access Without Requiring a Password

You can create a key pair that doesn't require a passphrase, which is useful for scripted environments where a tool might need SSH access to a remote system but shouldn't prompt for a passphrase.

For general use, and as a better practice, set a passphrase on the private key and then to use the SSH Agent to remember key passphrases for the entire login session. See Using the SSH Key Agent to Remember Passphrases for more information.

However, using the SSH Agent isn't always practical and for some services that are loaded at boot time you might need to create a key that doesn't use a passphrase.

To use OpenSSH utilities to access a remote system without supplying a password each time that you connect:

  1. Use ssh-keygen to generate a public and private key pair, for example: 

    ssh-keygen

    The command output is similar to the following sample output. 

    ...
Enter file in which to save the key (/home/user/.ssh/id_sshkey): <Enter>
Created directory '/home/user/.ssh'.
Enter passphrase (empty for no passphrase): <Enter>
Enter same passphrase again: <Enter>
...

    Press Enter each time the prompt to enter a passphrase appears.

  2. Copy the public key to the remote server. See Copy the public key to the remote server.

  3. If the usernames are different on the client and the server systems, create a $HOME/.ssh/config file entry for this connection. See Setting SSH Client Configuration Options For a Host.

  4. Validate that permissions for the $HOME/.ssh configuration files are correct on both the server and client side. See Validating Configuration Permissions for more information.

  5. To access the remote system without supplying a password, use ssh to sign in to the remote system to verify that the $HOME/.ssh/authorized_keys file contains only the keys for the systems from which you expect to connect, for example: 
    ssh remote_user@host

If the key file is named in a nonstandard way, you can specify which key file to use by using the -i option when you connect: 

ssh -i $HOME/.ssh/my_private_key remote_user@host

For more information, see the ssh-copy-id(1), ssh-keygen(1), and ssh_config(5) manual pages.