We might want to perform SSH login to a remote machine without using password due to numerous reasons. Typing password every time we wish to login is a torture. If we are building the system which involves automated scripts, then these scripts might need to login to a remote machine in order to execute its task. Automated ssh login can benefit us in those situations.
In order to login to a machine without requiring to enter password, we perform public key authentication. For executing public key authentication, we generate a public and a private key, upload public key to the remote machine and use private key to authenticate.
The remote machine must contain a user with SSH access for our use and you must have username and password with you. For running SSH commands on windows, you need to install OpenSSH in your machine. You have to run following command on PowerShell Administrative for this purpose:
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
Now you can open PowerShell Non-administrative mode and run the command below to generate a key pair:
The keys are usually generated on C:\Users\UserName\.ssh . If your are asked to enter the passphrase, you can just press enter.
In order to add these keys to the Windows 10 Keystore, run
Now we should copy our public key to the remote machine. We can do this using any of the third party applications like FileZilla, PuTTY, etc. After logging into the remote server using this tool, navigate to .ssh directory of current user on remote server and the create a new file named authorized_keys with no extension if it does not exist previously. Now open file explorer on your local machine and the navigate to the location where key pair was generated, i.e. inside C:\Users\UserName\.ssh directory. You have to locate id_rsa file and open this file on notepad to view its content. Copy the content of id_rsa and paste it at the end of authorized_keys file on server.
Finally, try ssh login to the remote machine. Run on PowerShell:
If you are successfully logged in, that's it. But, if you encounter "Permission are too open" error, and prompted for a password, then you must configure permission for id_rsa file on your local machine.
Right-click on id_rsa file then select "Properties". Navigate to the "Security" tab and click "Advanced". Change the owner to you if not already, click on "Disable Inheritance" and delete all inheritances. Then grant yourself "Full control" and save the permissions. It should end up looking like this:
Now SSH won't complain about file permission too open anymore. Again, try ssh login to the remote machine and now it should login without requiring to enter the password.