How to set up ssh so passwd is not needed.
To set up a system so that no passwd is needed two keys must be generated and copied to a file per known-host. The two keys are called rsa
, of these keys two keys will be genterated per key, a private key and a public key.
Open a terminal window and create the keys, this is done with the ssh-keygen utility. Lets create the first key.
hostname:$ssh-keygen -t rsa
The utility will ask for a file to copy the key to, just press enter, this will copy the key to the default location, (~/.ssh)
Next the utility will ask for a pass phrase, if you don't want to be bothered with entering a pass phrase just press enter, confirm again. Now you will be given a key fingerprint and the keys (id_rsa and id_rsa.pub) will be copied to your home .ssh directory.
Now create the second keys.
hostname:$ssh-keygen -t dsa
Again as with the rsa keys you will be asked for a file to copy the keys to, just press enter, and also asked for a pass phrase again if you don't want to bother with entering a pass phrase just press enter.
Now a second set of keys will be genterated and copied to the ~/.ssh directory. Ok lets change into the .ssh directory.
Do a ls to list the contents of the .ssh directory the output should look something like this
id_dsa id_dsa.pub id_rsa id_rsa.pub known_hosts
Now we need to copy the public keys to a file called authorized_keys. At the terminal type
hosdname:~/.ssh$cat id_rsa.pub > authorized_keys; cat id_dsa.pub >> authorized_keys
What this command has done is copied the contents of the id_rsa.pub key to a file called authorized_keys then apended the id_dsa.pub key to that same file. So now if you do a ls or list the contents of the .ssh directory you will see a new file added called authorized_keys.
Now we need to copy the authorized_keys file to the remote host we would like to ssh into without having to enter a passwd everytime. We will use the scp utility to do this, lets say the remote-host we want to ssh into has a ip of 192.168.1.100 then the command would be.
hostname:~/.ssh$scp authorized_keys 192.168.1.100:/home/username/.ssh
Make sure to enter the home directory name for the remote system, you will be prompted for a password, enter the password and the authorized_keys file will be copied to the remote hosts .ssh directory.
Now if you need to ssh into a remote-host all that is needed is to enter ssh /ipaddress/ and you will not be asked for a passwd. SSH will authenticate using the rsa and dsa keys.
Note: This can be done for the root account, but is safer if it is set up on the users account and then if needed su to root to perform any admin tasks.