Setting up a no-password SSH session

As a (really late) follow up to my earlier post about SSH tricks, here follows some instructions on how to setup a no-password SSH session. As a plus, some cool configuration tips for saving some keystrokes! 😉

Well, here it goes. First, you need a pair of keys for your local machine. In case you don’t have one already, type this to generate one:

$ ssh-keygen -t dsa

When asked for a password, leave it blank (hit Enter). This will create two files: ~/.ssh/id_dsa and ~/.ssh/id_dsa.pub. These are, respectively, your private and public keys.

Now, you want to copy the public key (id_dsa.pub) to the remote machine, and copy its contents to the file ~/.ssh/authorized_keys, which may not exist yet. Makes sure the permissions for this file do not allow reading or writing for anyone other than you. This is essential, as OpenSSH will not make use of it in case it finds it too permissive. This is for safety reasons, and 600 is probably a good set of permissions (read/write only for the owner). The easiest way to do all this is probably the following sequence of commands:

me@local$ cd ~/.ssh
me@local$ sftp username@remotemachine
sftp> cd .ssh
sftp> put id_dsa.pub
sftp> quit
me@local$ ssh username@remotemachine
me@remote$ cd .ssh
me@remote$ cat id_dsa.pub >> authorized_keys
me@remote$ rm id_dsa.pub
me@remote$ chmod 600 authorized_keys

So what I did was send the file using SFTP, appended it to the authorized_keys file (just in case it already existed), and deleted the public key file. I have also made sure the permissions are adequate.

Update: It seems the whole copying-and-setting-permissions step can be replaced by the convenient command ssh-copy-id. It is now as simple as ssh-copy-id username@remotemachine.

Now log out, and try logging back in. If everything goes right, you won’t be asked for a password anymore! 🙂

Additional tips for saving keystrokes

Ok, now for the bonus part. How about instead of typing long commands such as this:

$ ssh remoteuser@remotemachine.something.com

you could type just this:

$ ssh remote

and everything just worked? You can configure it so SSH handles all that for you, saving you some keystrokes. Interested? Ok, here’s how to do it!

You’ll need to edit (or create if needed) the file ~/.ssh/config, where you can add all configuration parameters you might want, just like in the server’s configuration file. Here’s a sample:

Host remote remotemachine.something.com
    User remoteuser
    HostName remotemachine.something.com
    ForwardX11 yes
    Compression yes

You could also use * as a host if you wanted to setup stuff for every connection. Sweet, uh?

Hope you liked it! If you want, you can learn more about all this from the same places that I did. Enjoy! ğŸ˜Ž

Advertisements

One Response to “Setting up a no-password SSH session”

  1. statueofmike Says:

    Wow, great recommendation. Thank you very much.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: