Passwordless SSH on Ubuntu: Secure Setup Guide

Table of Contents

Passwordless SSH on Ubuntu: Secure Setup Guide

Configuring password-free SSH login on an Ubuntu server is a foundational practice for improving both security and operational efficiency.

By leveraging asymmetric cryptography, you eliminate password-based attacks while enabling seamless automation and remote access.

🔐 Core Concept: Asymmetric Encryption
#

SSH key authentication is based on a key pair:

Public Key (id_rsa.pub)
Stored on the server — acts like a lock
Private Key (id_rsa)
Kept securely on your local machine — acts like the key

Only a matching private key can unlock access, making brute-force attacks virtually ineffective.

⚙️ Step-by-Step Setup
#

Step 1: Create a Dedicated User (Server-Side)
#

Use adduser for a complete and interactive setup:

server$ sudo adduser vxbus

Automatically creates home directory
Sets default shell and environment

Step 2: Generate SSH Key Pair (Local Machine)
#

If you don’t already have a key pair:

PC$ ssh-keygen -t rsa -b 4096

Keys stored in ~/.ssh/
Optional: add a passphrase for extra protection

💡 Modern alternative: ed25519 keys offer better performance and security.

Step 3: Copy Public Key to Server
#

Use the recommended method:

PC$ ssh-copy-id -i ~/.ssh/id_rsa.pub vxbus@192.168.1.123

This ensures proper setup without manual errors.

🔍 What Happens Behind the Scenes
#

Running ssh-copy-id performs several critical actions:

Creates /home/vxbus/.ssh/ if it doesn’t exist
Appends your public key to authorized_keys
Sets strict permissions:

~/.ssh            → 700
authorized_keys   → 600

⚠️ SSH will reject login if permissions are too open.

🛡️ Advanced Security Hardening
#

Once key-based login works, disable password authentication:

Step 1: Edit SSH config
#

sudo nano /etc/ssh/sshd_config

Step 2: Update setting
#

PasswordAuthentication no

Step 3: Restart SSH service
#

sudo systemctl restart ssh

This prevents attackers from even attempting password-based access.

✅ Summary Checklist
#

User Created Home directory and shell environment configured
Key Pair Generated id_rsa and id_rsa.pub available
Public Key Installed Present in ~/.ssh/authorized_keys
Permissions Secured .ssh = 700, authorized_keys = 600

🧠 Key Takeaway
#

Passwordless SSH is not just a convenience—it’s a security baseline for modern systems.

It enables:

Safer remote access
Automation (CI/CD, scripts, orchestration)
Reduced attack surface

For larger environments, this setup becomes the foundation for tools like Ansible and other configuration management systems.

Linux SSH Password-Free Login and Automation in 2026

15 January 2026·559 words·3 mins

Linux SSH Security Automation DevOps

Top 10 SSH Clients for Secure Remote Server Management

12 January 2025·560 words·3 mins

SSH DevOps System Administration Remote Access Networking Linux Tools

Linux exec Command: Process Control & FD Mastery

11 April 2026·466 words·3 mins

Linux Bash Shell DevOps Docker

🔐 Core Concept: Asymmetric Encryption #

⚙️ Step-by-Step Setup #

Step 1: Create a Dedicated User (Server-Side) #

Step 2: Generate SSH Key Pair (Local Machine) #

Step 3: Copy Public Key to Server #

🔍 What Happens Behind the Scenes #

🛡️ Advanced Security Hardening #

Step 1: Edit SSH config #

Step 2: Update setting #

Step 3: Restart SSH service #

✅ Summary Checklist #

🧠 Key Takeaway #

Related