SSH/SCP without prompting password.

Step 1. The step is to copy a unique key generated on your ‘homebox’ to the server you are connecting too. First, before you generate a new key, check to see if you already have a key:

user@homebox ~ $ ls -l ~/.ssh
total 20
-rwx–xr-x 1 user user 601 Feb 2 01:58 authorized_keys
-rwx–xr-x 1 user user 668 Jan 1 19:26 id_dsa
-rwx–xr-x 1 user user 599 Jan 1 19:26 id_dsa.pub
-rwx–xr-x 1 user user 6257 Feb 2 21:04 known_hosts

# The file we need to copy to the server is named id_dsa.pub. As you can see above, the file needed exists. You may or may not have other files in ~/.ssh as I do. If the key doesn’t exist, however, you can make one as follows:

user@homebox ~ $ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_dsa): # Press ‘enter’ here
Enter passphrase (empty for no passphrase): # Press ‘enter’ here
Enter same passphrase again: # Press ‘enter’ here
Your identification has been saved in /home/user/.ssh/id_dsa.
Your public key has been saved in /home/user/.ssh/id_dsa.pub.
The key fingerprint is:
6f:c3:cb:50:e6:e9:90:f0:0f:68:d2:10:56:eb:1d:91 user@host

Note : Entering a password when asked during the key generation processes when prompted would require you to enter a password each time you SSH/SCP to the server which defeats the purpose of this document.

Step 2. Regardless whether you had a key ready to go or if you had to generate a new key, the next step is the same in either case. Now you’re ready to copy the key to the server. Do so like this:

Now copy the text of file “id_dsa.pub” to server from where to copy in /home/user/.ssh/id_dsa.pub file. If this file already there then append your new generated key text.

Step 3. Now it’s time to test the setup. To do that, try to ssh to the server:

#### Example ####

user@homebox ~ $ ssh ‘servername’ (or ‘ipaddress’)

# You should log in to the remote host without being asked for a password.

Step 4. You can now SSH or SCP to the remote host without having to enter a password at each connection. To make sure your public key stays secure from prying eyes, do the following to change permissions and restrict access on ‘homebox’ and also on ‘servername’ to ~/.ssh:

#### Example ####

user@homebox ~ $ chmod 600 ~/.ssh/id_dsa ~/.ssh/id_dsa.pub

# Verify the permissions on the files:

#### Example ####

user@homebox ~ $ ls -l ~/.ssh
-rw——- 1 user user 668 Feb 4 19:26 id_dsa
-rw——- 1 user user 599 Feb 4 19:26 id_dsa.pub

Advertisements
Post a comment or leave a trackback: Trackback URL.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

%d bloggers like this: