Suppressing the password request on ssh

When from a machine one needs to often access another one via ssh, it may be annoying to have to give the password every time.

It is however simple (just three commands!) to let a machine trust another one by using a pair of public and private keys. How to do it is nicely explained in a post by Mattias Kettner. The provided Linux solution works also for the Mac. (We copy the solution here because on the Internet things may suddenly disappear at any time…)

First, on the localmachine requesting remote access to remote you need to generate a pair of public and private key (accept all the defaults provided):

localuser@localmachine:~> ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/a/.ssh/id_rsa): 
Created directory '/home/a/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/localuser/.ssh/id_rsa.
Your public key has been saved in /home/localuser/.ssh/id_rsa.pub.
The key fingerprint is:
3e:4f:05:79:3a:9f:96:7c:3b:ad:e9:58:37:bc:37:e4 a@A

Second, you use ssh to create on remotemachine, in the remoteuser home, a .ssh directory (it may already exist, which is ok)

localuser@localmachine:~> ssh remoteuser@remotemachine mkdir -p .ssh
remoteuser@remotemachine's password:

Third, you have to append the public key which was generate locally to the .ssh/authorized_keys on the remote machine (if the file does not exist, it will be created).

localuser@localmachine:~> cat .ssh/id_rsa.pub | 
        ssh remoteuser@remotemachine 'cat >> .ssh/authorized_keys'
remoteuser@remotemachine's password: 

(Note that the first two lines above must be a single command)

Done! From now on you can log into B as b from A as a without providing a password anymore:

localuser@localmachine:~> ssh remoteuser@remotemachine
Advertisements
Posted in Admin

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: