When from a machine one needs to often access another one via ssh, it may be annoying to have to give the password every time.
It is however simple (just three commands!) to let a machine trust another one by using a pair of public and private keys. How to do it is nicely explained in a post by Mattias Kettner. The provided Linux solution works also for the Mac. (We copy the solution here because on the Internet things may suddenly disappear at any time…)
First, on the localmachine requesting remote access to remote you need to generate a pair of public and private key (accept all the defaults provided):
localuser@localmachine:~> ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/a/.ssh/id_rsa): Created directory '/home/a/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/localuser/.ssh/id_rsa. Your public key has been saved in /home/localuser/.ssh/id_rsa.pub. The key fingerprint is: 3e:4f:05:79:3a:9f:96:7c:3b:ad:e9:58:37:bc:37:e4 a@A
Second, you use ssh to create on remotemachine, in the remoteuser home, a .ssh directory (it may already exist, which is ok)
localuser@localmachine:~> ssh remoteuser@remotemachine mkdir -p .ssh remoteuser@remotemachine's password:
Third, you have to append the public key which was generate locally to the .ssh/authorized_keys on the remote machine (if the file does not exist, it will be created).
localuser@localmachine:~> cat .ssh/id_rsa.pub | ssh remoteuser@remotemachine 'cat >> .ssh/authorized_keys' remoteuser@remotemachine's password:
(Note that the first two lines above must be a single command)
Done! From now on you can log into B as b from A as a without providing a password anymore:
localuser@localmachine:~> ssh remoteuser@remotemachine