SSH Keys
SSH keys work using public-key cryptography to securely authenticate you without a password.
π Key Concepts
β’ You generate a key pair:
β’ Private key: stays on your device (~/.ssh/id_xxxxxxx)
β’ Public key: gets copied to the server (~/.ssh/authorized_keys)
π How It Works
1. When you try to SSH:
β’ The server checks if your public key is in authorized_keys.
2. If it is:
β’ The server challenges your client to prove it holds the matching private key.
3. Your SSH client:
β’ Uses your private key to solve a cryptographic puzzle.
4. If solved correctly:
β’ Authentication succeeds β no password needed.
β
Why Use SSH Keys?
β’ More secure than passwords
β’ Enables automation (scripts, git, etc.)
β’ Easily restricted, revoked, or rotated
To avoid entering your password every time you SSH into your UniFi Dream Machine, set up SSH key-based authentication:
β Steps (from your Mac)
- Generate SSH Key (if you donβt already have one)
ssh-keygen -t xxxxxxx -C "unifi"
Press Enter to accept defaults. This creates ~/.ssh/id_xxxxxxx and its .pub file.
- Copy your public key to the UDM
ssh-copy-id root@192.168.1.1
If ssh-copy-id isnβt available (on macOS it might not be):
cat ~/.ssh/id_xxxxxxx.pub | ssh root@192.168.1.1 "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"
- Test it
ssh root@xxx.xxx.xxxx.xxxx
You should now connect without a password.