Use SSH keys on your Raspberry Pi

Accessing your Raspberry Pi with SSH is very easy, with this guide you will learn to use SSH keys to make access to your Raspberry Pi even easier.

Before I even start on ssh and ssh-keys on your Raspberry Pi, please please please change the standard password on your Raspberry Pi! If you have your own linux OS running on your Pi this might not be needed but when using the Rasp OS please change it!

Login without password on Raspberry Pi

Yes! It’s possible to login without a password! But you need to configure your Raspberry Pi to allow access from another computer with an SSH key instead of a password.

Let’s first check if you already have keys on the computer you are using to connect to the Raspberry Pi:

ls ~/.ssh

If you see files named or then you have keys set up already, so you can skip the ‘Generate new SSH keys’ step below.

Oh… did I already mention this is a Mac, Linux or Windows Subsystem for Linux (WSL) on Windows 10 🙂 Sorry all other windows users.

Okay… no keys? Let’s generate them! To generate new SSH keys enter the following command:


Upon entering this command, you will be asked where to save the key. I would suggest to save it in the default location (~/.ssh/id_rsa) by pressing Enter.

You will also be asked to enter a passphrase, which is optional. The passphrase is used to encrypt the private SSH key, so that if someone else copied the key, they could not impersonate you to gain access. If you choose to use a passphrase, type it here and press Enter, then type it again when prompted. Leave the field empty for no passphrase.

Now look inside your .ssh directory:

ls ~/.ssh

and you should see the files id_rsa and

authorized\_keys  id\_rsa  id\  known\_hosts

The id_rsa file is your private key. Keep this on your computer. Don’t give it to anyone! EVER! Protect it with your life!

The file is your public key. This is what you share with machines that you connect to: in this case your own Raspberry Pi. When the machine you try to connect to matches up your public and private key, it will allow you to connect.

Take a look at your public key to see what it looks like:

cat ~/.ssh/id\

It should be in the form:


No it is time to copy it to the Rasp. Using the computer which you will be connecting from, append the public key to your authorized_keys file on the Raspberry Pi by sending it over SSH:

ssh-copy-id <USERNAME>@<IP-ADDRESS>

Note that for this step you will need to authenticate with your Raspberry Pi password.

No ssh-copy-id available on your system, buy a Mac (affiliate link), or you can copy the file manually over SSH:

cat ~/.ssh/id\ | ssh <USERNAME>@<IP-ADDRESS> 'mkdir -p ~/.ssh && cat >> ~/.ssh/authorized\_keys'

If you see the message ssh: connect to host <IP-ADDRESS> port 22: Connection refused and you know the IP-ADDRESS is correct, then you may not have enabled SSH on your Raspberry Pi. Read this to turn on your SSH on your Raspberry Pi.

Now try ssh <USER>@<IP-ADDRESS> and you should connect without a password prompt.

If you see a message “Agent admitted failure to sign using the key” then add your RSA or DSA identities to the authentication agent ssh-agent then execute the following command:


If this does not work, you can get assistance on the Raspberry Pi forums.

SSH keys on your Raspberry Pi by SCP

Note: you can also send files over SSH using the scp command (secure copy). See the SCP guide for more information.

If you are using macOS like me, and after verifying that your new key allows you to connect, you have the option of storing the passphrase for your key in the macOS keychain. This allows you to connect to your Raspberry Pi without entering the passphrase.

Run the following command to store it in your keychain:

ssh-add -K ~/.ssh/id\_rsa

All done!

Happy Programming!

Oh yes… on how to change your Raspberry Pi password read this.

To create this manual I used the manual from Raspberry Pi.

Did you find this article valuable?

Support Theo van der Sluijs by becoming a sponsor. Any amount is appreciated!