+- Post4VPS Forum | Free VPS Provider (https://post4vps.com)
+-- Forum: VPS Discussion (https://post4vps.com/Forum-VPS-Discussion)
+--- Forum: Tutorials (https://post4vps.com/Forum-Tutorials)
+--- Thread: Passwordless login to VPS (/Thread-Passwordless-login-to-VPS)
Passwordless login to VPS - Dudi - 10-21-2015
Hello everyone,
In this tutorial I'm going to show that how can you create passwordless login to VPS.
1. Download PuTTY Key Generator from here: http://the.earth.li/~sgtatham/putty/latest/x86/puttygen.exe
And then start it.
![[Image: K_pkiv_g_s001_www.kepfeltoltes.hu_.jpg]](http://kepfeltoltes.hu/151021/K_pkiv_g_s001_www.kepfeltoltes.hu_.jpg)
2. You can change "number of bits in a generated key" to "4096" if you would like to be more secure.
![[Image: K_pkiv_g_s002_www.kepfeltoltes.hu_.png]](http://kepfeltoltes.hu/151021/K_pkiv_g_s002_www.kepfeltoltes.hu_.png)
3. Then click to Generate and make some random moves with your mouse.
4. When It's finished, then save Public and then save Private key to a safe location on your HDD and to a second place too, for example a flashdrive.
It will ask that "Are you sure that you want to save this key without passphrase to protect it?".
Simple click to Yes.
5. Create a new text file with authorized_keys.txt name and copy the PuTTY Key Generator's windows content into this file.
6. Login to your VPS over SSH with root.
7. Enter these commands:
Code:
pwdCode:
cd ~Code:
mkdir .sshCode:
nano .ssh/authorized_keys(if you get a "-bash: nano: command not found" error then you must first install nano with "apt-get install nano" command)
Simple copy your authorized_keys.txt file's content to this newly created file or you can copy directly from PuTTY Key Generator's windows content into this file.
Save and exit.
8. Enter these command to modify permissions
Code:
chmod -R 700 .ssh/9. Open and edit sshd_config file
Code:
nano /etc/ssh/sshd_configDelete "Yes" or "No" and replace with "without-password".
Code:
PermitRootLogin without-password9. Restart your VPS
Code:
reboot10. Locate your private key in Putty
![[Image: 816138115K_pkiv_g_sputtysaveprivatekey00...es.hu_.png]](http://kepfeltoltes.hu/151021/816138115K_pkiv_g_sputtysaveprivatekey003_www.kepfeltoltes.hu_.png)
/Connection/SSH/Auth/Browse
11. Save connection in Putty and Connect
![[Image: K_pkiv_g_sputtyconnect004_www.kepfeltoltes.hu_.png]](http://kepfeltoltes.hu/151021/K_pkiv_g_sputtyconnect004_www.kepfeltoltes.hu_.png)
In this example I entered Google's DNS IP address (8.8.8.8). You have to replace it with your own VPS's IP address.
If you changed your SSH port in the previous tutorial then don't forget to use the right port.
Under the "Saved Sessions" enter your VPS's name (for example Post4VPS) and then click to save.
And you are ready. Putty won't ask for password anymore!
Please use the
![[Image: thumbsup.png]](https://post4vps.com/images/icons/thumbsup.png){kind=icon}
⇩ button below. Thx.
RE: Passwordless login to VPS - xdude - 10-21-2015
That's the nice tutorial! So is it more secure to use this method and disable root password ? I use it with Filezilla for my cPanel accounts but haven't used for SSH root.
RE: Passwordless login to VPS - Dudi - 10-22-2015
(10-21-2015, 05:06 PM)xdude Wrote: That's the nice tutorial! So is it more secure to use this method and disable root password ? I use it with Filezilla for my cPanel accounts but haven't used for SSH root.
Thanks, No I don't think that this is more secure. It's just convenient because you do not have to enter your password all the time.
With password based login you can create 2048-4096 bits passwords too.
So basically this is a very similar to password based logins, the difference is just that you do not have to type it from your keyboard, but store in a txt file in your SSH client's folder.
But if somebody steal your or hack your desktop PC, then he will access to your VPS servers too.
This is why I like better to use passwords and KeePass.
RE: Passwordless login to VPS - Conan - 10-24-2015
You made a tutorial without totally understanding what it does?
IT MAKES IT MORE SECURE THAN USING PLAIN TEXT PASSWORDS.
RSA keys are REALLY HARD TO CRACK. (Takes billions of years for a normal PC to bruteforce it)
setting PermitRootLogin to without-passwords sets OpenSSH to allow remote root logins but only with ssh keys and blocks login attempts that use plain text passwords.
This could be quite inconvenient if you always use different or change devices. Or if you want to connect from your school or a computer shop.
RE: Passwordless login to VPS - Sagnik - 10-25-2015
Actually...it is not very convenient for me to use this as I frequently change devices...