If you often need to establish SSH connections to a server, entering the password each time may be a hassle or even a non-starter. For example, in our case, we use ssh connections in our nightly build scripts, so obviously entering a password would not be an option here…
So it can be useful to configure the server and your client to accept secure ssh connection without the need to enter a password. What must be done, then, is to generate a public/private key pair, and copy the public part into the appropriate place on the server side.
For doing this, on the user’s home directory, on the client machine, type:
local> ssh-keygen -t rsa -f ~/.ssh/id_rsa
-t tells the type of encryption
-f tells where to store the public/private key pairs. In this case, the .ssh directory in the home directory is being used
A password will be asked; leave this part blank, just press <enter>
Now, go to the .ssh directory, and you will find two new files: id_rsa and id_rsa.pub. The last one is the public part. Now, copy the public key to the server machine:
local> cd ~/.ssh
local> scp id_rsa.pub user@remote:~/.ssh/id_rsa.pub
Of course, this time you will need to enter the password. Now, login into the server machine and go to the .ssh directory on the server side:
local> ssh user@remote
remote> cd ~/.ssh
Then add the client’s public key to the known public keys on the server:
remote> cat id_rsa.pub >> authorized_keys2
remote> chmod 640 authorized_keys2
remote> rm id_rsa.pub
and that’s all. Next time you log into the remote server, no password will be asked. If that does not work, you can try to use authorized_keys instead of authorized_keys2, since it may depend on the Linux version used.
Note that this system will work while none of the machines change its IP address and for the specific user, so it is still safe.
Reference: http://www.astro.caltech.edu/~mbonati/WIRC/manual/DATARED/setting_up_no-password_ssh.html (Link is down now)
Jean-Luc started CNX Software in 2010 as a part-time endeavor, before quitting his job as a software engineering manager, and starting to write daily news, and reviews full time later in 2011.
|Support CNX Software - Donate via PayPal, become a Patron on Patreon, or buy review samples|