Setting up ssh keys for passwordless login

September 25th, 2009 Ivan Villareal 1 comment

Most part of the time I’ve spent on my development machine I have several terminals opened, but thanks to screen I only have one per server.

However I’m constantly in the need to login to some servers just to make a quick check of something, so I have to type in my credentials every time I log in, this really annoys me, because when I’m focused on something I don’t want to loose that focus waiting for the login prompt.

So what I did to fix this annoyance, was to use Key Authentication instead of Password Authentication, I’ve been using this for several years now under several distros without a problem.

So in short this is what I do, whenever I want to use Key Auth.

gondor .ssh # cd ~/.ssh
gondor .ssh ~ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
53:df:bb:74:24:2d:7f:78:1f:85:66:f0:19:b6:9f:71 root@gondor
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|                 |
|          . . o  |
|         . . = * |
|        S   . @.E|
|         .   o O=|
|              +o*|
|             . ++|
|              . .|
+-----------------+

I haven’t set a password for the key, because if I set a password I would have to type the password for the key each time, or setup a program to remember the key password like Gnome Keyring or Putty Pageant in Windows.

After my private and public keys are generated I copy the public key to the server where I want to access without password

gondor .ssh # ssh-copy-id -i id_rsa.pub ivan@odin
The authenticity of host 'odin (192.168.1.201)' can't be established.
RSA key fingerprint is bb:36:b4:0b:05:13:ce:a2:2e:95:97:59:65:f3:f8:a8.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'odin,192.168.1.201' (RSA) to the list of known hosts.
Password:
Now try logging into the machine, with "ssh 'ivan@odin'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

gondor .ssh # ssh ivan@odin
Last login: Fri Sep 25 15:50:03 PDT 2009 from gondor.artedigital on ssh
Last login: Fri Sep 25 15:50:07 2009 from gondor.artedigital
ivan@odin ~ $

Categories: Linux Tags: auth, key, Linux, passwordless, ssh

Ivan Villareal

Archive