SSH Login Without Password Prompt

Often you have a set of machines you trust implicitly and you’d like to make ssh logins and scp copies less tedious by not having the system prompt you for the password.  It used to be incredibly confusing to manually setup and install the keys on remote machines, now, though with OpenSSH it’s gotten a lot easier.

The first thing you need to do is create public and private keys; to do that you use ssh-key-gen on your machine (you’ll either need to be on the console or have previously made a ssh connection).

For this example, the “local” workstation will be superman, and the remote server will be aries.

roger@superman$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/roger/.ssh/id_rsa):
[Press Enter Key]
Enter passphrase (empty for no passphrase):
[Press Enter Key]
Enter same passphrase again:
[Press Enter Key]
Your identification has been saved in /home/roger/.ssh/id_rsa.
Your public key has been saved in /home/roger/.ssh/id_rsa.pub.
The key fingerprint is:
de:ad:be:ef:01:02:03:04:05:06:07:07:09:0a:0b:0c roger@superman

Then we need to copy the public key to the remote host using ssh-copy-id

roger@superman$ ssh-copy-id -i ~/.ssh/id_rsa.pub aries
roger@aries's password:

Finally, we can log onto the remote machine without a password

roger@superman$ ssh aries
Last login: Sun Jan 2 12:12:12 2011 from superman
roger@aries$

You can take a look at the key files that were generated; you can use ssh-copy-id to copy the keys to as many machines as you want; and you can use the same private key file on each of your machines to allow for more seamless access; but you should be aware that you should only place your public key on machines you trust.

NOTE:  If you use ssh-agent (and ssh-add) to manage keys, ssh-copy-id will attempt to access the key from ssh-agent.

Originally posted 2011-01-04 02:00:12.