How to SSH into openhabian with no password (linux)

I did not find a specific tutorial, so here is a step-by-step for enabling ‘no password’ access from your Linux machine into your openhabian install (Sorry, this does not cover Windows). In my case, openhabian is installed on a RPi 3.

On both your client (the one you are using to connect to openhabian) and host (the openhabian one) you need to have openssh installed. openssh should already be installed on openhabian, but verify by logging into openhabian and run this on the command line:

sudo systemctl status ssh

Next, you will need to change permissions in openhabian so your client can place a public key in openhabian (you may need sudo with these commands):

chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

Now, exit openhabian. Then install openssh on your client machine (if not already installed).
From the command line of your client machine, verify that is done with the same command used earlier for openhabian:

sudo systemctl status ssh

If that fails, you might need to check for the daemon instead:

sudo systemctl status sshd

Next, while still on your client machine, we are going to create a key pair and publish a public key from it to your openhabian host machine.

Generate a key pair with the following command (NOTE----> do NOT enter a password for your keypair):

ssh-keygen

Then, send the public key to openhabian:

ssh-copy-id openhabian@<IP_address_openhabian>

That’s it!

Test your no password connection by connecting to openhabian from the command line of your client machine with:

ssh openhabian@<IP_address_openhabian>
1 Like

FWIW, see this post to also ssh into the Karaf console.

1 Like

On Windows, you will want to set up Pagent (or equivalent, for users of Keepass2, there is a Pagent plugin which is kind of nice), import your keys and then Putty (or your ssh client of choice) will get the key from Pagent.

2 Likes

Hi there and thanks for the introduction.

I sucessfully sent my key to openhabian, but on connecting via ssh still the password is prompted.

I have no config file in my ~/.ssh/ folder → I wanted to add “PubkeyAuthentication yes” but dont know where

Does anyone know what im doing wrong?

I did not include my generated file on my machine into the default id_rsa file, but generated one in a different file id_raspi → Is this a problem?

EDIT:

Ok by using
ssh xx.xx.xx.xx -v
i could see in the log, that my separate id_raspi file is not used

I think i have just to adjust my ssh-config on my machine, to use the separate file.

Thanks and sorry for the rushed question