2009-04-05

Password-less SSH login (auto-authentication/login) on a remote machine

ssh-keygen -t rsa

...will generate an id_rsa and an id_rsa.pub file in your ~/.ssh/ directory. Afterwards you have to copy your id_rsa.pub file which is basically your public key, to the ~/.ssh/authorized_keys file on the remote machine. So if you copy the id_rsa file to the /root/.ssh/authorized_keys file of a remote (or local...) machine, you should be able to log-in on this machine as root without providing any password:
scp ~/.ssh/id_rsa.pub root@example.com:/root/.ssh/authorized_keys
or
scp ~/.ssh/id_rsa.pub anyUser@example.com:/home/anyUser/.ssh/authorized_keys
Also you should pay attention NOT to copy the ~/.ssh/id_rsa file, as this is your private key which should be kept secret. However an auto-login resp. auto-authentication which allows you to login on a remote machine without entering a password might decrease the security level of the remote machine: So if anybody get your private id_rsa key, he is able to auto-login on this machine as well.

2 comments:

  1. PapaRaven6.5.09

    Well done; I've never seen this boiled-down to so few steps.

    BTW, the trailing forward-slash needs to be dropped (it implies a directory rather than a target file). And it might [perhaps] be worth noting that the remote machine may not yet have a .ssh directory.

    ReplyDelete
  2. Anonymous9.7.10

    This comment has been removed by a blog administrator.

    ReplyDelete