ssh and scp without passwords
If you are a frequent user of the ssh or scp command, you are probably pretty tired of having to enter your password for the remote machine every time you execute one of these commands. Well, if you are certain that your local machine is secure, then it turns out that it's pretty easy to set up a trust relationship between your machine and the remote machine using private certificates.
The example I am going to show is performed on a Mac. I assume that for a Linux/Unix machine, the procedure is identical, although the file names may differ slightly. If you are on a PC, I assume there is some way to generate keys and that once they are generated, the process is the same. But I don't know the way that keys are created on a PC.
That said, here we go:
1 - Open a terminal window. If you don't know how to open a terminal window, you should probably stop right now since these trust relationship between machines is only really of use for people who routinely use the terminal.
2 - Enter the following command at the command prompt:
You'll be prompted to answer several questions as part of the key generation. For all of them, just accept the default value by hitting the Enter key at each of the prompts.
3 - Once the command executes, you should be able to go to the .ssh directory in your root directory (cd ~/.ssh) and you should then see files called: id_rsa and id_rsa.pub.
4 - Copy the id_rsa.pub file to your remote machine (scp id_rsa.pub yourUser@yourMachine, where you put in the correct value for your user and machine).
5 - ssh to your remote machine.
6 - In your root directory, do an ls -a to see if you have an existing directory called .ssh.
7 - If you do not have an existing directory called .ssh, create one (mkdir .ssh) and change the permissions to be 700 (chmod 700 .ssh).
8 - Change into the .ssh directory.
9 - If you do not have an existing file called authorized_keys, copy your id_rsa.pub file into this directory with that name (mv ../id_rsa.pub authorized_keys).
10 - If you do have an existing file called authorized_keys, you'll want to append the contents of the id_rsa.pub to the existing authorized_keys file (cat ../id_rsa.pub >> authorized_keys).
11 - Make sure that the permissions of the authorized_keys are 644 (chmod 644 authorized_keys).
Once you complete this quick process, you'll be able to use the ssh and scp commands to your remote server without needing to enter your password.
The example I am going to show is performed on a Mac. I assume that for a Linux/Unix machine, the procedure is identical, although the file names may differ slightly. If you are on a PC, I assume there is some way to generate keys and that once they are generated, the process is the same. But I don't know the way that keys are created on a PC.
That said, here we go:
1 - Open a terminal window. If you don't know how to open a terminal window, you should probably stop right now since these trust relationship between machines is only really of use for people who routinely use the terminal.
2 - Enter the following command at the command prompt:
ssh-keygen
You'll be prompted to answer several questions as part of the key generation. For all of them, just accept the default value by hitting the Enter key at each of the prompts.
3 - Once the command executes, you should be able to go to the .ssh directory in your root directory (cd ~/.ssh) and you should then see files called: id_rsa and id_rsa.pub.
4 - Copy the id_rsa.pub file to your remote machine (scp id_rsa.pub yourUser@yourMachine, where you put in the correct value for your user and machine).
5 - ssh to your remote machine.
6 - In your root directory, do an ls -a to see if you have an existing directory called .ssh.
7 - If you do not have an existing directory called .ssh, create one (mkdir .ssh) and change the permissions to be 700 (chmod 700 .ssh).
8 - Change into the .ssh directory.
9 - If you do not have an existing file called authorized_keys, copy your id_rsa.pub file into this directory with that name (mv ../id_rsa.pub authorized_keys).
10 - If you do have an existing file called authorized_keys, you'll want to append the contents of the id_rsa.pub to the existing authorized_keys file (cat ../id_rsa.pub >> authorized_keys).
11 - Make sure that the permissions of the authorized_keys are 644 (chmod 644 authorized_keys).
Once you complete this quick process, you'll be able to use the ssh and scp commands to your remote server without needing to enter your password.
| Rating: | 100% positive, 4 total Votes |
| Categories: | shell Mac linux UNIX |
| Added: | on Dec 21, 2007 at 2:51 pm |
| Added By: | an anonymous user |
