Easy Passwordless SSH

Easy Passwordless SSH

Disclaimer: This is not secure and is intended only for basic usage, because it sucks when you can’t implement something so simple in a short time. (example: for file backup to a remote server)

Scenario: You want to access the remote server from the localhost. Or, you want to backup files from localhost to a remote server. All without the trouble of entering password (also removes the human factor and allows automation).

LOCAL:
L$> ssh-keygen -t dsa
Do not type in any passkey. Just press enter.
L$> ls ~/.ssh/
L$> cat ~/.ssh/id_dsa.pub

Copy the entire line, from ssh-dss to [email protected]

REMOTE:
R$> ssh [email protected]
R$> vi ~/.ssh/authorized_keys

Paste what was copied from the localhost.

LOCAL:
L$> ssh [email protected]
It should not ask for your password.

Now that you have it working, it’s time to scrutinize the options a bit more to secure your system. Some things you can look at are (but will no longer be discussed here):

  1. adding passkey (addt’l steps required)
  2. renaming key
  3. generating different keys for separate users/applications.
  4. make your authorized_keys file readable only by you.
  • anders

    Thanks for all info.
    Anyway, you might want to take a look at the man pages for ‘ssh-copy-id’. It’s a great tool for copying public keys.

  • You should have a look into ssh-copy-id, as it handels copying your public ssh-key to other computers. No need to cut and paste, as that are error prone.

    So, generate your RSA or DSA key with password! with ssh-keygen. Make it 2048 or 4096 bits long.
    Copy your public ssh key to the other computer, with copy-ssh-id.
    Have a look at ssh-agent and ssh-add, so you only need to enter your ssh key password once per session.

    You should also check so you don’t have a circular path from the computers you have ssh on. That would give the attacker the possibility to crack one and get access to all your computers.

Comments are closed.