Sometimes on Linux, you want to automatically login to a machine using ssh without being prompted for a password. How do you set this up?
First you need to generate a public/private key pair on the server you will be connecting from, lets call it
SERVERFROM
ssh-keygen -t rsa
You could also use -t dsa as well.
Next you will be prompted for the directory to create the key pair in, just hit enter to accept the default.
[root@serverfrom ~]# ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: c5:72:ee:10:f3:8e:ca:98:da:46:85:01:11:08:ba:75 root@serverfrom
Now you have a public/private key pair. Your private key is in the file:
/root/.ssh/id_rsa
& your public key file is in
/root/.ssh/id_rsa.pub
Now, in order to get ssh to work without prompting for a password, you need to copy your public key to the server you want to connect to. Lets say the server you want to connect to is called SERVERTO, then on SERVERFROM you would do:
scp /root/.ssh/id_rsa.pub root@SERVERTO:/root/.ssh/authorized_keys2
If you already have an authorized_keys2 file on SERVERTO, then just append the new key to the end of it by copying the key to SERVERTO and then appending it like:
scp /root/.ssh/id_rsa.pub root@serverto:/root/.ssh/id_rsa.pub
Then on the SERVERTO server, just concatenate the file id_rsa.pub to the authorized_keys2 file like:
cd /root/.ssh cat id_rsa.pub >> authorized_keys2
Now, you should be able to scp or ssh from SERVERFROM to SERVERTO without supplying a password:
[root@serverfrom ~]# ssh serverto Last login: Wed Jan 6 09:09:21 2010 from serverfrom.domain.org [root@serverto ~]#
It’s nice to know some ways to use the passwordless SSH login once you’ve set it up: SSH login without password and some nifty ways to use it