Set up SSH key-based authentication to connect from your local machine to a remote server without entering a password each time.
Prerequisites
- Access to both local and remote machines
- SSH server running on remote machine
- Terminal/command-line access
Setup Steps
1. Generate SSH Key Pair
ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519- Press Enter twice when prompted for passphrase (or set one for added security)
- Skip this step if you already have an SSH key
- Creates two files:
id_ed25519(private key) andid_ed25519.pub(public key)
2. Copy Public Key to Remote Server
ssh-copy-id username@remote-server-ipReplace:
usernamewith your remote usernameremote-server-ipwith the server's IP address or hostname
Example:
ssh-copy-id john@192.168.1.100- Enter your remote server password when prompted
- This is the last time you'll need to enter the password
3. Test the Connection
ssh username@remote-server-ipSuccess: You connect without a password prompt
Failure: You're still asked for a password (troubleshoot below)
Troubleshooting
Still Asking for Password?
Check permissions on remote server:
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keysVerify SSH server configuration (/etc/ssh/sshd_config):
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
Restart SSH service (on remote server):
sudo systemctl restart sshdKey Not Found?
Manually copy the key:
cat ~/.ssh/id_ed25519.pub | ssh username@remote-server-ip "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"Security Best Practices
-
Protect your private key
- Never share
~/.ssh/id_ed25519 - Set appropriate permissions:
chmod 600 ~/.ssh/id_ed25519
- Never share
-
Use a passphrase (recommended)
- Adds extra security layer
- Use
ssh-agentto avoid typing it repeatedly
-
Disable password authentication (after key setup works)
- Edit
/etc/ssh/sshd_configon remote server - Set:
PasswordAuthentication no - Restart SSH:
sudo systemctl restart sshd
- Edit
Platform-Specific Notes
macOS
- Open Terminal (Spotlight → "Terminal")
- SSH client pre-installed
Linux
- Use default terminal emulator
- SSH client typically pre-installed
Windows
- Use PowerShell, Command Prompt, or Git Bash
- Windows 10/11 has built-in SSH client
- Alternative: Use PuTTY with PuTTYgen for key generation
Common Use Cases
- Remote server administration
- Git operations (GitHub, GitLab, etc.)
- Automated scripts and deployments
- Development environment access
- File transfers with
scporrsync
Additional Resources
Test key authentication:
ssh -v username@remote-server-ipThe -v flag shows verbose output for debugging
Use specific key file:
ssh -i ~/.ssh/custom_key username@remote-server-ipAdd key to SSH agent (avoid passphrase prompts):
ssh-add ~/.ssh/id_ed25519Summary
| Step | Command | Purpose |
|---|---|---|
| 1 | ssh-keygen -t ed25519 | Generate key pair |
| 2 | ssh-copy-id user@host | Copy public key to server |
| 3 | ssh user@host | Test passwordless connection |
Once configured, you can connect to your remote server securely without typing passwords, making workflows faster and enabling automation.