Thursday, May 6, 2010

SSH without a password

To ssh without a password you need to create a public/private key pair on the server you are performing the ssh from.

To create a DSA key use the following command (-t indicates the type of key to be created):
$ ssh-keygen -t dsa

To create an RSA key use the following command:
$ ssh-keygen -t rsa

If you accepted the default file in which to save the key you should find that a new file would have been created under the .ssh folder on the server called id_dsa.pub or id_rsa.pub depending on the type of key chosen.


On the remote server copy the contents of id_dsa.pub or id_rsa.pub into a file called authorized_keys under the .ssh folder:
$ vi authorized_keys

If you are manually creating the .ssh folder on the remote server change the permissions on the folder as follows:
$ chmod 700 .ssh

You should now be able to ssh into the remote server (from the server that you created your public/private key).

N.B. your home directory must only have read and execute permissions for other users and should not have write permissions e.g. drwxr-xr-x. To change your home directory to have this permissions run the following command from the home/ directory:
$ chmod 755 username


If you are using a Windows OS you can do something similar by using putty-gen to create a public/private key and setting up your ssh client (putty, SecureCRT, etc.) to use the key to login to the remove server.

No comments:

Post a Comment