- Ubuntu 16.04 LTS
- Raspberry Pi 3 Model B
Key-based authentication is a nice alternative to username/password-based login. Below is a basic process describing how to generate an RSA key pair and install public key on Raspberry Pi.
For more info see How to configure ssh key-based authentication on a linux server, or Securing your Raspberry Pi.
Create RSA key pair
$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/user/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/user/.ssh/id_rsa. Your public key has been saved in /home/user/.ssh/id_rsa.pub. The key fingerprint is: ...
The key will be created in the ~/.ssh folder by default.
Upload public key to Raspberry Pi
$ cat ~/.ssh/id_rsa.pub | ssh firstname.lastname@example.org "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"
Alternatively, use ssh-copy-id:
$ ssh-copy-id email@example.com
DISABLE PASSWORD authentication (optional)
If higher level of security is required – consider disabling password authentication. Edit the following lines in /etc/ssh/sshd_config as shown below:
ChallengeResponseAuthentication no PasswordAuthentication no UsePAM no
Start ssh session as usually, password will not be required:
$ ssh firstname.lastname@example.org