If you log into your Raspberry Pi using ssh it will prompt you for a password. Having to do this multiple times a days this is very annoying. To ease the pain, and enhance security, you can use public key authentication instead. Therefor you create a pair of keys on your client, and store the public key on your Raspberry Pi. Then you set up an authentication by key. Afterwards the user can login into the Raspberry Pi using his private key.

Creating the keys

The first step is to create a pair of keys on the client using ssh-keygen. For the RSA key we choose 2048 bits:

Generating ssh keys

This will generate a pair of keys and store them in the folder ~/.ssh/:

Content of the .ssh folder

I have not set a passphrase. Actually a passphrase is good idea as it gives more security yet I do not want to enter the passphrase everytime I access the key.

Store public key on the Raspberry Pi

For the last time you have to log into your Raspberry Pi using password. Once logged in you copy your public key from the client into ~/.ssh/authorized_keys:

The file should look similar to:

An authorized key file

Optional: Deactivate password authentication

In order to increase the security you can disable the password authentication. Be aware that you cannot login into your Raspberry Pi over SSH using a password.

In your /etc/ssh_config set PasswordAuthentication no and restart your ssh daemon. Try to connect to the Raspberry Pi after the ssh daemon has restarted before you end your current session. In case something goes wrong you will not be able to connect again.