How to Setup Secure SSH Without Password on Linux CentOS

This quick post will show the steps to setup SSH access without password, but with passphrase key on Linux CentOS. After completely performed the following steps, you can ssh from one system to another without specifying any password. This steps has been tested on CentOS 6.3 and may working on other CentOS versions and Redhat Enterprise linux versions as well.

Client =
Server =

1. Create Public and private keys from openssh and save it :

[root@client ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/
The key fingerprint is:
9c:41:a8:b5:d1:7f:64:c5:91:89:38:bf:5a:4c:30:16 root@centos63.ehowstuff.local
The key's randomart image is:
+--[ RSA 2048]----+
|       o. Eo +o+ |
|      +.. * + +  |
|     o o.o B     |
|    . .. o. +    |
|        S  + .   |
|            +    |
|           o     |
|          .      |
|                 |
[root@client ~]# ls -l /root/.ssh/
total 8
-rw------- 1 root root 1743 Oct  4 23:04 id_rsa
-rw-r--r-- 1 root root  411 Oct  4 23:04

2. Change the mode of public key :

[root@client ~]# chmod 600 /root/.ssh/
[root@client ~]# ls -l /root/.ssh/
total 8
-rw------- 1 root root 1743 Oct  4 23:04 id_rsa
-rw------- 1 root root  411 Oct  4 23:04

3. Make a .ssh directory in the home of the user on server :

[root@server ~]# mkdir .ssh
[root@server ~]# cd .ssh/
[root@server .ssh]# pwd

4. From Client, transport the key to the server :

[root@client .ssh]# scp root@
The authenticity of host ' (' can't be established.
RSA key fingerprint is 71:fc:a2:51:b3:ed:bc:7b:68:ec:9e:51:a8:04:ab:fd.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '' (RSA) to the list of known hosts.
root@'s password:                                                        100%  411     0.4KB/s   00

5. Change the key to authorized key in .ssh folder :

[root@server ~]# cd .ssh/
[root@server .ssh]# pwd
[root@server .ssh]# cat >>authorized_keys
[root@server .ssh]# ls

View the authorized_keys :

[root@ldap .ssh]# cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAqToSfMUihcL/lFA6chuVTO77FAHNJFs102lULCVS8XwLFoDbauHdk61x3/rAHDj1HSFbb/heuHUdRndT1CJvSaK+lZ6mKMqvfqlGBvgcF+9t0+Mx3/8Nwaoy891bmiRV81UA8ywwSGx/hw6+LgLTn0F1dh+bhezdAyIV+WMM6QUW9v6APncLw0EtbZX/IMuJCizT+ka+yUgxRB8nteTKYyG1/fCwo7utKBD9Sypt4VBvMFIcoKhIoTzhAxUDxXwmOGn5mUB8aDLzUsf3eJuGOMLVH/k+zByt6tfZ9V/EFUMOVmXV33XCgewJa6RiUm0aXnmYWd722ju/tZyFqzip1w== root@client.ehowstuff.local

6. Now Connect your server without passsword but with the passphrase key :

[root@client ~]# ssh root@
Enter passphrase for key '/root/.ssh/id_rsa':
Last login: Thu Oct  4 23:08:17 2012 from
[root@server ~]#
Leave a Reply

Your email address will not be published. Required fields are marked *

A world leading hosting company that provides fully-managed innovative and secure solutions, suitable for hosting small to medium-sized websites

Built on the best available technologies combined with Google Cloud for strong redundancy and application availability. Backed by skilled experts to address web security threats, a devops team to create advanced custom security solutions, and 24/7 sysadmins to watch over the platform. This powerful, hands-on approach makes your sites faster, safer, and easier to manage. Starting from only $3.95/mo.


* up to 30 days money back guarantee