How to Setup SSH for Auto Login without a Password

By snorlaxprime

Used for ssh or scp or anything that needs SSH secure access.

Quick reminder…

If you’ve done it before but forgot, here’s the refresher. (Otherwise, read below.)

On server:

cd .ssh
ssh-keygen -t rsa  (hit return through prompts)
cat id_rsa.pub >> authorized_keys
chmod 600 authorized_keys
rm id_rsa.pub

On client:

cd .ssh
scp myserver.com:.ssh/id_rsa myserver.rsa
chmod 600 myserver.rsa
echo "Host myserver" >> config
echo "Hostname reblets.com" >> config
echo "IdentityFile ~/.ssh/myserver.rsa" >> config

Test it:

scp file myserver:.
ssh myserver


It’s common to use ssh and scp for communicating and transferring files to and from a server. If you want to auto-login without a password, here’s how to setup SSH to use encryption keys to do so.

On the Server

Use ssh to login to your server under the account name you want to use.

Run ssh-keygen to create an encryption key pair, the public and private keys. You can just hit return for each question.

[backup@server ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/backup/.ssh/id_rsa):
Created directory '/home/backup/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/backup/.ssh/id_rsa.
Your public key has been saved in /home/backup/.ssh/id_rsa.pub.

CD to the .ssh dir and list the files to understand what you’ve got:

[backup@server ~]$ cd .ssh
[backup@server .ssh]$ ls
id_rsa  id_rsa.pub

Add the public key id_rsa.pub to the SSH authorized_keys file. Be sure to use the >> to append it to any other keys you might have:

[backup@server .ssh]$ cat id_rsa.pub >> authorized_keys

Be sure the file is hidden from other users, and you can delete the public key now.

[backup@server .ssh]$ chmod 600 authorized_keys
[backup@server .ssh]$ rm id_rsa.pub

On the Client


Log-off the server, so you’re back on the client. Enter your .ssh directory and download the id_rsa file (the private key) from the server to your local machine:

$ cd .ssh
$ scp backup@server.example.com:.ssh/id_rsa .
$ chmod 600 id_rsa

Try it out:

$ ssh -l backup server.example.com
[backup@server ~]$

And you can use scp for secure file transfer:

$ scp backup.tar.gz backup@server.example.com:.

Multiple SSH keys

If you login to more than one server, you can configure SSH to fetch the correct key. Here’s an example of adding to the ssh config file:

cd .ssh
mv id_rsa example.rsa
echo "Host backup" >> config
echo "Hostname server.example.com" >> config
echo "IdentityFile ~/.ssh/example.rsa" >> config

If you need a different username on your server, you can add:

echo "User backup" >> config

SSH Agent

You can setup an environment variable to make it possible for programs that use SSH to find your keys, avoiding the requirement than you enter your passphrase each time.

Insert some lines like this into your .bash_profile:

if [ -z "$SSH_AUTH_SOCK" ] ; then
    eval `ssh-agent -s`