I need to remotely SSH into my Linux servers quite often, and it’s a pain to have to remember so many passwords and type them every time I want to log in. I recently discovered a neat way to be able to SSH into my servers without typing in a password. OpenSSH also allows you to execute commands remotely, and not having to enter a password while doing so means that I can run some automated tasks remotely. Again, this can be very helpful. For any cynics out there this method is quite secure. In fact, in my opinion it is probably more secure than entering a password. Let’s get started with setting up a password-less connection to a remote server. Note that this process will only work on a Linux or UNIX machine. The process itself in pretty straightforward.
The first step is to create a public key to make a secure authentication to the server. Launch a shell terminal on your Linux desktop and run the following command:
# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/calvin/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/calvin/.ssh/id_rsa.
Your public key has been saved in /home/calvin/.ssh/id_rsa.pub.
This step generates the public key and stores it into the file /home/calvin/.ssh/id_rsa.pub. When asked which file you want the key to be written to, just hit Enter to pick the suggested option. Similarly, when prompted for a passphrase just hit the Enter key twice. This file is stored in your home directory, in the .ssh folder which holds all the SSH server’s configuration files. So, next, you need to copy this file to the server to which you want to be able to SSH without a password.
# scp ~/.ssh/id_rsa.pub email@example.com:/home/username/
Replace both instances of username in the above command with the username you use to log on to your remote server, and remoteserver.com with the host name or IP address of remote server. Now SSH into that server and add your desktop’s public key to the server’s SSH configuration:
# ssh firstname.lastname@example.org
# cat ~/id_rsa.pub >> ~/.ssh/authorized_keys2
Next, you need to set the permission of the file ~/.ssh/authorized_keys2 correctly:
# chmod 644 ~/.ssh/authorized_keys2
This is not always required, but I’ve been stuck with problems caused by permission issues many times, besides it does not hurt to set the permissions right. You’re done now. Exit the SSH connection to your remote server and ssh in again. You should now not be prompted for a password.
Now you can do lots of cool things on your remote server. For example, run the command:
# ssh email@example.com “uptime; df -h”
The command should give you the desired output from your remote server directly on your local shell, without prompting you for your password. You can also copy files to or from your remote server without worrying about having to enter a password. This means you can do things like download you daily backup from your remote server to your local desktop everyday using a simple shell script. This is quite a powerful tool. Use it with caution.