How to connect to Raspberry Pi via ssh without password (using ssh keys)

Dani Dudas
3 min readJun 4, 2020

--

I assume that you have your raspberry pi already setup with ssh access, but asking every time for the password (annoying and not safe). If you didn’t set up your Raspberry Pi yet check this post

Generate an ssh key pair (private-public) on your local computer

(skip this step if you already have a pair, continue if you don’t know)

First, check if you already have one.

Default all the ssh keys are located in ~/.ssh folder on your computer. If you don’t have this folder or it’s empty you don’t have.

To generate a new rsa key pair go to Terminal and simply type and follow the steps

ssh-keygen

If you keep all the defaults now you will have two new files

  • ~/.ssh/id_rsa — This is your private key. NEVER share this file with anybody and DO NOT copy this file to external computers/servers.
  • ~/.ssh/id_rsa.pub — This is the public key. The content of this file can be shared and the content of this file we will need to copy to the raspberry pi.

Copy public key to Raspberry Pi

In order to connect to raspberry PI via ssh using the private-public rsa keys you just created, the Pi needs to have your public key stored locally on the pi. For this connect via ssh to the Raspberry Pi (using the password (default one is raspberry)) and create a new file in .ssh folder named authorized_keys . Here will be stored all the public keys of the computers from where you want to have access via ssh.

vim ~/.ssh/authorized_keys
// paste in this the content of the ~/.ssh/id_rsa.pub from your local computer

To test that it’s working disconnect from your raspberry pi and try to connect again normally and you will see that the password is not required anymore.

Create a shortcut

If you don’t remember your IP address of your raspberry pi or you have many all over the house with different functions it’s easier to set a name for each one and then simply ssh by name, right? To do this, on your local computer open or create this file ~/.ssh/config and type in there the name you want and the.

Host pi-door-sensor
Hostname 192.168.0.15
User pi
Host pi-shades
Hostname 192.168.0.143
User pi
  • Host — Is the name you want to have for that specific connection
  • Hostname — The IP address of the Raspberry PI
  • User — The username, default is pi

After that connect simply like this, no need to remember the IP addresses anymore.

ssh pi-door-sensor
ssh pi-shades

Disable access via password

If you want to have better security, it’s recommended to connect only using the ssh keys created before and disabled the password, or set up a really strong password.

To disable access via password connect to your raspberry pi and go edit this file

sudo vim /etc/ssh/sshd_config

And you will find a line like this

#PasswordAuthentication yes

change it to be like this (uncomment and change the value to no from yes)

PasswordAuthentication no

That’s it. Hopefully, this helped you. I also have other articles about configuring different stuff on the raspberry pi.

--

--

Dani Dudas
Dani Dudas

Written by Dani Dudas

Automate the house with Raspberry Pi :)

No responses yet