Passwordless SSH access
It is possible to configure your Pi to allow your computer to access it without providing a password each time you try to connect. To do this you need to generate an SSH key:
Check for existing SSH keys
First, check whether there are already keys on the computer you are using to connect to the Raspberry Pi:
If you see files named
id_dsa.pub you have keys set up already, so you can skip the generating keys step (or delete these files with
rm id* and make new keys).
Generate new SSH keys
To generate new SSH keys enter the following command:
Upon entering this command, you'll be asked where to save the key. We suggest you save it in the default location (
/home/pi/.ssh/id_rsa) by just hitting
You'll also be asked to enter a passphrase. This is extra security which will make the key unusable without your passphrase, so if someone else copied your key, they could not impersonate you to gain access. If you choose to use a passphrase, type it here and press
Enter, then type it again when prompted. Leave the field empty for no passphrase.
Now look inside your
and you should see the files
authorized_keys id_rsa id_rsa.pub known_hosts
id_rsa file is your private key. Keep this on your computer.
id_rsa.pub file is your public key. This is what you share with machines you want to connect to. When the machine you try to connect to matches up your public and private key, it will allow you to connect.
Take a look at your public key to see what it looks like:
It should be in the form:
ssh-rsa <REALLY LONG STRING OF RANDOM CHARACTERS> user@host
Copy your public key to your Raspberry Pi
To copy your public key to your Raspberry Pi, use the following command to append the public key to your
authorized_keys file on the Pi, sending it over SSH:
Note that this time you will have to authenticate with your password.
Alternatively, if the
ssh-copy-id is not available on your system, you can copy the file manually over SSH:
cat ~/.ssh/id_rsa.pub | ssh <USERNAME>@<IP-ADDRESS> 'mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys'
ssh <USER>@<IP-ADDRESS> and you should connect without a password prompt.
If you see a message "Agent admitted failure to sign using the key" then add your RSA or DSA identities to the authentication agent
ssh-agent then execute the following command:
If this did not work, delete your keys with
rm ~/.ssh/id* and follow the instructions again.
You can also send files over SSH using the
scp command (secure copy). See the SCP guide for more information.