SSH login without entering password
For extremely lazy or extremely optimized people :)
If you didn't know, you can log into a *NIX-based ssh server without entering your password by means of putting your public key onto remote server and then logging into it.
There are lots of explanations on the Net about how to make this setup manually, and how it works, so I'll omit this blah-blah here.
Here's how you make it work:
- Go to http://www.catb.org/~esr/ssh-installkeys/ and download the latest version of ssh-installkeys
- Untar the archive and 'make install' it
- Now, for example if you want to be able to ssh log into someserver.com as user myself without entering password, you should execute the following command:
ssh-installkeys myself@someserver.com - You will be prompted to enter password for the remote server, as well as your public key will be created (in case it wasn't until now), and uploaded to remote server
- Once the program finished its magic, you will be able to login into someserver.com just by typing
ssh myself@someserver.com
That's it! There's not step three :) Er.. I mean.. oh well :)
A little note for those who are not very familiar with software compilation voodoo. There's that "Untar the archive and 'make install' it" step. Here's basically how you do it:
Open Terminal (it's located inside the Applications/Utilities folder), and type the following (you can just copy and paste, either in batch or line by line):
curl -O http://www.catb.org/~esr/ssh-installkeys/ssh-installkeys-1.4.tar.gz
tar zxvf ssh-installkeys-1.4.tar.gz
cd ssh-installkeys-1.4
sudo make install
you will have to enter your password after you type the last command. That should you get going.
Notice: if you're getting errors like make: command not found , you have to install Developer Tools (or XCode) which come on your Mac's installation DVD.
August 20th, 2006 at 8:02 am
Thanks for the tip! I didn't know about ssh-installkeys and would always hand edit the .ssh files.
I am one of the super lazy people, so I must point out that your ssh command has 8 characters too many :)
Instead of "ssh myself@someserver.com", you can just do "ssh someserver.com". To configure this magic, edit ~/.ssh/config and add your user id that you want to use for that server:
Host someserver.com
User dave
October 18th, 2006 at 8:13 pm
Thank you for this prog!
But unfortunately it doesn't work at my site. I assume this has to do with ssh configuration?!
Maybe anybody can tell me how to configure ssh so this magic works. Are there some global or local ssh settings that have to be adjusted so this works? Maybe in /etc/ssh/ssh_config?
Any help appreciated! Thanks!
October 18th, 2006 at 8:24 pm
Heile,
you can try the following:
- first, i presume you already have the public key generated inside the ~/.ssh/id_rsa.pub on your local computer
- now, you should have a string in that file sort of the one like I have: "ssh-rsa AAAAB3Nz………………..lWUpb3Uw/nQRBc= mike@Mikhail.local"
- copy the string into clipboard
- now, log into remote server (entering the password, as usual). there should be a directory called ".ssh" inside your home directory. now, check if you have a file called "authorized_keys" inside that directory. if you don't have it, create one. or edit the existing one. What you need to do is to add the public key contents which you copied into clipboard on step 2, as a new line to the "authorized_keys" file contents.
basically, this approach should work for you. I have a server on which the ssh-installkeys doesn't work as advertised, so for that case I use the approach I have wrote about about. hope it works for you too.
February 14th, 2007 at 7:15 pm
[...] One more thing to notice is that you need to generate an ssh key-pair in order to be able to log into a remote server without entering a password (that's why there is no mention of passwords in the script's settings). You can read about logging into SSH without using passwords here. [...]