Passwordless SSH – Mini howto

Recently I had to administer a new site on which I was not allowed to change th password for policy reasons and the password was very complex, something like this: Un&U2p3rC@s0 (not real password 😉 )

Each time I had to log on I lost a lot of time, so for the first time I decided to generate RSA public/private keys to log on a system. For many who are used to this it’s very simple and for me up to now it’s very easy too.

Basically you have to generate a key pair, a public key and a private key. The question was for me who holds the public and who the private one. It very simple the user holds the private key, whinch is private for this reason and the server holds the public one. The next big question for me was, on which machine should I generate the key pair? The answer is very simple after the generation of the key pair you have to copy one to the aothe machine so the one you can pass on internet is the public one.

After I found the answer to this questions thenext step was very easy:

1) Log on to your client machine

2) type ssh-keygen -t rsa -p ” (You can play with these parameters in many ways)

3) scp the public key to the remote ssh server (scp .ssh/ remoteuser@sshserver:.ssh/authorized_keys

4) The copied file should have 0600 permissions, so one more logon to the server using the typed password and chown 0600 .ssh/authorized_keys

Bingo!!!. Now you are able to logon without typing the password.

Just some notes:

Your server administrator should allow authorized_keys in user home directories. Before following this steps do some check.