On occasion I have the need to establish trust relationships between Unix boxes so that I can script file transfers. In short, here’s how you leverage SSH to do that. Using the example of trying to connect from server ‘ender’ to get a file on ‘bean’ follow this example:
- Connect to ender
- type:
ssh-keygen -t rsa- default directory for keyfiles will be ~/.ssh/
- if you do not want to be prompted, leave passphrase blank
- copy the contents of .ssh/id_rsa.pub (there should only be one line)
- place this line on bean, in ~/.ssh/authorized_keys
- that’s it, you should now be able to ssh/sftp/scp from ender to bean without being prompted for a password!
For further detail and a more complete example check this site out.
Update: You must have "RSAAuthentication yes" in your /etc/ssh/sshd_config file. On many Linux installations this setting is commented out in a default install
Pingback: spiralbound.net » Changes to Solaris ssh_config for Password-less SSH Login
Using these instructions I’ve just set up my Mac OSX desktop to connect to one of our servers without the need for a password.
I also saved the connection info in a terminal shortcut so I can connect to the server just as easily as I can open a terminal window.
Thanks for these instructions!
I was having trouble getting this working but a bit of research led me to making the authorized_keys file non group writeable… then it all burst into life
Pingback: Life After Coffee » SSH Without A Password
Maybe I’m paranoid, but having a private key without a passphrase freaks me out, so I use a key with a passphrase and then I use keychain (from the Gentoo project) to cache my decrypted keys in an ssh-agent process.
It’s too involved for me to post all the details, but if folks want, I could possibly detail it all in a blog post.
I’d certainly be curious.
One other thing that you may want to check is that the authorized_keys file is not group and world read/write permissions set. It got me stumped until I did a tail on the messages/secure log file to understand what was happening.
I have seen amny sites which give instructions for passwordless connection. But this one is really very handy and truly works fine.
For those who are as dense as myself.. authorized keys is a file, not a directory.. when you put it in, it is appending a file, not adding files to a directory.
Pingback: Life After Coffee » Secure remote file copy
I am not sure about everybody else but for me the permissions on the .ssh directory were very important. I was not able to get this to work unless I removed all from group and other. A chmod 600 or 700 might be required.
Thanks for the help. Nice tutorial!
Pingback: Bash backup scripts including mysql backup at max words
Pingback: Kladblog » Blog Archive » Wachtwoordloze SSH login
Pingback: Distributed NLTK with execnet « streamhacker.com
You have to create ~/.ssh/ because by default this is not present.
Sheesh, that actually works. Mucho tnx, no sheep! :P
Thanks a lot for this post. I am new to using Macs and because of posts like this, I am starting to like Macs more and more. I used this to get a growl notification to work whenever a certain phrase is appended to a log file.
Doesn’t work on Solaris 10 Sparc 64bit