SSH Without a Password
The following steps can be used to ssh from one system to another without specifying a password.
Notes:
The system from which the ssh session is started via the ssh command is the client.
The system that the ssh session connects to is the server.
These steps seem to work on systems running OpenSSH.
The steps assume that a DSA key is being used. To use a RSA key substitute 'rsa' for 'dsa'.
The steps assume that you are using a Bourne-like shell (sh, ksh or bash)
Some of this information came from:
http://www.der-keiler.de/Mailing-Lists/securityfocus/Secure_Shell/2002-12/0083.html
Steps:
On the client run the following commands:
$ mkdir -p $HOME/.ssh $ chmod 0700 $HOME/.ssh $ ssh-keygen -t dsa -f $HOME/.ssh/id_dsa -P '' This should result in two files, $HOME/.ssh/id_dsa (private key) and $HOME/.ssh/id_dsa.pub (public key).
Copy $HOME/.ssh/id_dsa.pub to the server.
On the server run the following commands:
$ cat id_dsa.pub >> $HOME/.ssh/authorized_keys2 $ chmod 0600 $HOME/.ssh/authorized_keys2 Depending on the version of OpenSSH the following commands may also be required:
$ cat id_dsa.pub >> $HOME/.ssh/authorized_keys $ chmod 0600 $HOME/.ssh/authorized_keys An alternative is to create a link from authorized_keys2 to authorized_keys:
$ cd $HOME/.ssh && ln -s authorized_keys2 authorized_keys
On the client test the results by ssh'ing to the server:
$ ssh -i $HOME/.ssh/id_dsa server
(Optional) Add the following $HOME/.ssh/config on the client:
Host serverIdentityFile ~/.ssh/id_dsa This allows ssh access to the serverwithout having to specify the path to the id_dsa file as an argument to ssh each time.
Helpful manpages:
ssh(1)
ssh-keygen(1)
ssh_config(5)
Valid XHTML and CSS // Licensed under a Creative Commons Attribution 2.5 License
$Id: ssh_nopass.html 748 2006-08-06 05:21:59Z ranga $
