As a (really late) follow up to my earlier post about SSH tricks, here follows some instructions on how to setup a no-password SSH session. As a plus, some cool configuration tips for saving some keystrokes! 😉
Well, here it goes. First, you need a pair of keys for your local machine. In case you don’t have one already, type this to generate one:
$ ssh-keygen -t dsa
When asked for a password, leave it blank (hit Enter). This will create two files:
~/.ssh/id_dsa.pub. These are, respectively, your private and public keys.
Now, you want to copy the public key (
id_dsa.pub) to the remote machine, and copy its contents to the file
~/.ssh/authorized_keys, which may not exist yet. Makes sure the permissions for this file do not allow reading or writing for anyone other than you. This is essential, as OpenSSH will not make use of it in case it finds it too permissive. This is for safety reasons, and
600 is probably a good set of permissions (read/write only for the owner).
The easiest way to do all this is probably the following sequence of commands: me@local$ cd ~/.ssh
me@local$ sftp username@remotemachine
sftp> cd .ssh
sftp> put id_dsa.pub
me@local$ ssh username@remotemachine
me@remote$ cd .ssh
me@remote$ cat id_dsa.pub >> authorized_keys
me@remote$ rm id_dsa.pub
me@remote$ chmod 600 authorized_keys
So what I did was send the file using SFTP, appended it to the
authorized_keys file (just in case it already existed), and deleted the public key file. I have also made sure the permissions are adequate.
Update: It seems the whole copying-and-setting-permissions step can be replaced by the convenient command ssh-copy-id. It is now as simple as
Now log out, and try logging back in. If everything goes right, you won’t be asked for a password anymore! 🙂
Additional tips for saving keystrokes
Ok, now for the bonus part. How about instead of typing long commands such as this:
$ ssh firstname.lastname@example.org
you could type just this:
$ ssh remote
and everything just worked? You can configure it so SSH handles all that for you, saving you some keystrokes. Interested? Ok, here’s how to do it!
You’ll need to edit (or create if needed) the file
~/.ssh/config, where you can add all configuration parameters you might want, just like in the server’s configuration file. Here’s a sample:
Host remote remotemachine.something.com User remoteuser HostName remotemachine.something.com ForwardX11 yes Compression yes
You could also use
* as a host if you wanted to setup stuff for every connection. Sweet, uh?