use ssh without a password

Use a public/private key pair to avoid having to type in your password every time you open up a ssh session:

1- Generate a keypair, install the public key on the server and ‘authorize’ it.

2- Copy the private key(s) to the ‘~/.ssh’ directory on your local machine.

3- Set the permission of your private key files to no access for group and world.  (600)

brian@Mint13desktop ~/.ssh $ ls -l
-rw------- 1 brian brian 1743 Dec 19 20:40 id_dsa
-rw------- 1 brian brian 1768 Dec 19 21:28 known_hosts
-rw------- 1 brian brian 1424 Jun 1 2013 known_hosts.old

4- Edit ‘/etc/ssh/ssh_config’ with a line starting with ‘IdentityFile’ for each of your private keys

 IdentityFile ~/.ssh/id_dsa

5- connect without having to type a password!

brian@Mint13desktop ~ $ ssh username@briangallimore.com
Last login: Thu Dec 19 20:28:15 2013 from ****.net
username@briangallimore.com [~]#

(local computer is LinuxMint 13, remote is Linux web host)

This entry was posted in How-To and tagged , , , . Bookmark the permalink.

3 Responses to use ssh without a password

  1. Pingback: Subversion (svn) on shared web host (bluehost) and Linux client setup | Brian Gallimore's Blog

  2. kb5won says:

    just ran into a problem — if remote server does not have authorized_keys file setup. The authorized_keys file resides in the home/user/.ssh folder, and has one public key allowed per line:

    [dave@caprice dave]$ ssh 192.168.1.3 -v
    [I edited out the verbose output, and entered the password]
    [Remember kids, always use -v so dont try this at home :) ]

    [dave@julia dave]$ mkdir .ssh
    [dave@julia dave]$ chmod 700 .ssh
    [dave@julia dave]$ cd .ssh
    [dave@julia .ssh]$ touch authorized_keys
    [dave@julia .ssh]$ chmod 600 authorized_keys
    [dave@julia .ssh]$ cat ../identity.pub >> authorized_keys
    [dave@julia .ssh]$ rm ../identity.pub

    (from http://sshkeychain.sourceforge.net/mirrors/SSH-with-Keys-HOWTO/SSH-with-Keys-HOWTO-4.html)

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.