Passwordless SSH Access

Passwordless SSH makes it easy to automate tasks and run tools like Ansible without being prompted for passwords. This guide walks you through generating SSH keys, distributing them, and setting up your environment for seamless, secure access.

Requirements

  • A local Linux/macOS system (your control device)
  • Remote machines accessible via SSH
  • OpenSSH installed on all machines

Before you begin, you must already be able to SSH to each target machine with a password. That means a user account on that machine whose password you know, and network access to it by hostname.

For example:

ssh user@hostname

This assumes that the target machine is on the local network and has the OpenSSH daemon running.

🗝️ Generate an SSH key (if you haven't already)

ssh-keygen -t ed25519 -f ~/.ssh/homelab

Press Enter when prompted for a passphrase to create the key without one, or set a passphrase so the private key file is encrypted on disk.

Copy your public key to each remote host

ssh-copy-id -i ~/.ssh/homelab.pub username@10.0.0.2
ssh-copy-id -i ~/.ssh/homelab.pub username@10.0.0.3
ssh-copy-id -i ~/.ssh/homelab.pub username@10.0.0.4

Replace username and the IP address with the correct user and IP of each node.

Configure your SSH client

Create or edit ~/.ssh/config:

vim ~/.ssh/config

Paste the following:

AddKeysToAgent yes

Host node-1
    HostName 10.0.0.2
    User username
    IdentityFile ~/.ssh/homelab
    Port 22

Host node-2
    HostName 10.0.0.3
    User username
    IdentityFile ~/.ssh/homelab
    Port 22

Host node-3
    HostName 10.0.0.4
    User username
    IdentityFile ~/.ssh/homelab
    Port 22

Now you can run ssh node-1 instead of ssh username@10.0.0.2.

Auto-load SSH key on login

Add this to your ~/.zshrc (or ~/.bashrc if using bash) - make sure to replace the key name with your own if it differs:

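# Start ssh-agent once, reuse it in later shells, and add the key
agent_env="$HOME/.ssh/agent.env"   # file name is an arbitrary choice
[ -f "$agent_env" ] && . "$agent_env" > /dev/null
ssh-add -l > /dev/null 2>&1
if [ $? -eq 2 ]; then   # exit status 2: no agent reachable from this shell
    (umask 077; ssh-agent -s > "$agent_env")
    . "$agent_env" > /dev/null
    ssh-add ~/.ssh/homelab 2>/dev/null
fi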

Then reload your shell:

source ~/.zshrc

Test it out

ssh node-1

You should now be able to log in without entering a password or passphrase.
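
A check to run on the key this guide creates, as an added example that is not part of the original guide: it reports a private key stored without a passphrase (the result of pressing Enter at the ssh-keygen prompt) and a key file or key directory that other users can access. The function names are hypothetical, and the passphrase test reads the cipher name from the OpenSSH key header instead of calling ssh-keygen.

```sh
#!/bin/sh
# Added example (not from the guide): audit a key such as ~/.ssh/homelab.
# Function names are hypothetical. Usage: sh audit.sh ~/.ssh/homelab

# Base64 of "openssh-key-v1\0" + cipher name "none" = key stored unencrypted.
MAGIC='b3BlbnNzaC1rZXktdjEA'
UNENCRYPTED="${MAGIC}AAAABG5vbmU"

# Print none | encrypted | unknown for a private key file.
key_cipher() {
    [ "$(sed -n 1p "$1" 2>/dev/null)" = '-----BEGIN OPENSSH PRIVATE KEY-----' ] ||
        { echo unknown; return; }
    case "$(sed -n 2p "$1")" in
        "$UNENCRYPTED"*) echo none ;;
        "$MAGIC"*)       echo encrypted ;;
        *)               echo unknown ;;
    esac
}

# True when group and other have no permission bits on the path.
owner_only() {
    [ "$(ls -ld "$1" 2>/dev/null | cut -c5-10)" = '------' ]
}

# Print one finding per line; return 0 only when the key passes every check.
audit_key() {
    key=$1; rc=0
    [ -f "$key" ] || { echo "MISSING $key"; return 2; }
    owner_only "$key" ||
        { echo "PERMS $key is accessible to group/other (chmod 600)"; rc=1; }
    owner_only "$(dirname "$key")" ||
        { echo "PERMS $(dirname "$key") is accessible to group/other (chmod 700)"; rc=1; }
    case "$(key_cipher "$key")" in
        none)    echo "NOPASS $key has no passphrase (ssh-keygen -p -f $key)"; rc=1 ;;
        unknown) echo "FORMAT $key is not an OpenSSH-format private key"; rc=1 ;;
    esac
    return $rc
}

# Run the audit when a key path is given on the command line.
[ "$#" -eq 0 ] || audit_key "$1"
```

A NOPASS finding means anyone who obtains a copy of the file can log in to every node that holds the matching public key; with a passphrase set, the agent configured above still gives prompt-free logins after the first unlock.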