How to Setup SSH for Auto Login without a Password
Used for ssh or scp or anything that needs SSH secure access.
If you’ve done it before but forgot, here’s the refresher. (Otherwise, read below.)
cd .ssh ssh-keygen -t rsa (hit return through prompts) cat id_rsa.pub >> authorized_keys chmod 600 authorized_keys rm id_rsa.pub
cd .ssh scp myserver.com:.ssh/id_rsa myserver.rsa chmod 600 myserver.rsa echo "Host myserver" >> config echo "Hostname reblets.com" >> config echo "IdentityFile ~/.ssh/myserver.rsa" >> config
scp file myserver:. ssh myserver
It’s common to use ssh and scp for communicating and transferring files to and from a server. If you want to auto-login without a password, here’s how to setup SSH to use encryption keys to do so.
On the Server
Use ssh to login to your server under the account name you want to use.
Run ssh-keygen to create an encryption key pair, the public and private keys. You can just hit return for each question.
[backup@server ~]$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/backup/.ssh/id_rsa): Created directory '/home/backup/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/backup/.ssh/id_rsa. Your public key has been saved in /home/backup/.ssh/id_rsa.pub.
CD to the .ssh dir and list the files to understand what you’ve got:
[backup@server ~]$ cd .ssh [backup@server .ssh]$ ls id_rsa id_rsa.pub
Add the public key id_rsa.pub to the SSH authorized_keys file. Be sure to use the >> to append it to any other keys you might have:
[backup@server .ssh]$ cat id_rsa.pub >> authorized_keys
Be sure the file is hidden from other users, and you can delete the public key now.
[backup@server .ssh]$ chmod 600 authorized_keys [backup@server .ssh]$ rm id_rsa.pub
On the Client
Log-off the server, so you’re back on the client. Enter your .ssh directory and download the id_rsa file (the private key) from the server to your local machine:
$ cd .ssh $ scp email@example.com:.ssh/id_rsa . $ chmod 600 id_rsa
Try it out:
$ ssh -l backup server.example.com [backup@server ~]$
And you can use scp for secure file transfer:
$ scp backup.tar.gz firstname.lastname@example.org:.
Multiple SSH keys
If you login to more than one server, you can configure SSH to fetch the correct key. Here’s an example of adding to the ssh config file:
cd .ssh mv id_rsa example.rsa echo "Host backup" >> config echo "Hostname server.example.com" >> config echo "IdentityFile ~/.ssh/example.rsa" >> config
If you need a different username on your server, you can add:
echo "User backup" >> config
You can setup an environment variable to make it possible for programs that use SSH to find your keys, avoiding the requirement than you enter your passphrase each time.
Insert some lines like this into your .bash_profile:
if [ -z "$SSH_AUTH_SOCK" ] ; then eval `ssh-agent -s` ssh-add fi