Passwordless SSH login using a Private Key (.pem) file

I’ve been using Amazon EC2 instances for a while and love using them. I also have a few home servers that I use for various tasks (generally old PCs etc). I wanted the ability to be able to log into these boxes (and specifically to automatically deploy software on them using Ansible) without having to use a password when I log in. In pretty much the same way as I do with my EC2 instances.

Here are the steps I took to do this.

First, you must log in to the host you want to access. Under the user you want to access, run the following command:-

cd ~
ssh-keygen -b 1024 -t dsa -v -f ~/.ssh/<name>

Replace <name> with either a name for the user or a machine name. In the rest of my examples I will show the output after using “centos” (without the quotes) as the name.

This should generate an output similar to the following:-

Generating public/private dsa key pair.
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/centos.
Your public key has been saved in /root/.ssh/centos.pub.
The key fingerprint is:
42:cc:14:75:be:ca:c5:fb:7c:94:04:cd:a3:4d:2c:9d user@localhost.localdomain
The key's randomart image is:
+--[ DSA 1024]----+
|      oo. .  = . |
|     +   o  o E  |
|      +   .  * . |
|     .   . .. o  |
|      . S +  . . |
|       o o .  o  |
|        o .  .   |
|           o  .  |
|            o.   |
+-----------------+

We then need to add the generated key into the list of authorised keys. This is done as follows

cd ~/.ssh
cat centos.pub >> authorised_keys

Then rename the private key file “centos” to centos.pem

mv centos centos.pem

You then need to download your pem file. Obviously this file allows password less access to this box from anywhere, so be careful what you do with this file!!

On a remote machine

scp user@my-centos-machine:~/.ssh/centos.pem .

This then allows you to remotely login using this pem file

ssh -i centos.pem user@my-centos-machine

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.