Password-less SSH

Needs / Issues

  • Frequently connect to remote computer, need to input password several times (Annoying!);
  • Connect to multiple computers, get mixed up with credentials (Expected);
  • Reverting to insecure protocols (FTP, ...) to do recurrent tasks (Very bad!).

Audience

  • Administrator / Power user;
  • Adventurous end user.

Initial Setting

  • Local computer: LOCALHOST
  • Remote computer: REMOTEHOST
  • OpenSSH installed on both;
  • DNS configuration so that LOCALHOST and REMOTEHOST resolve properly.
    Can always use IP address instead.
  • If you don't want to use passwords at all, follow the red directives.
    Otherwise, do as the blue statements state.

Steps

  • On remote computer:

    Remote computer

    1. Open the SSH server configuration file:
      vi /etc/ssh/sshd_config
       
    2. Make sure the following lines are uncommented:
      RSAAuthentication yes
      PubkeyAuthentication yes

    3. Restart the SSH server:
      service sshd restart
  • On local computer:

    Local computer

    1. Go to your SSH local directory:
      cd ~/.ssh
       
    2. Create Key pair:
      ssh-keygen -t rsa -f KEY_NAME
      Press 'Enter' twice (to create it without passphrase).
      Input twice your passphrase.
       
    3. Add your private key to your local SSH agent:
      ssh-add KEY_NAME
      Input your passphrase (this is the only time you need to do that).
       
    4. Add your public key to the remote SSH agent:
      ssh-copy-id -i KEY_NAME.pub REMOTE_USER@REMOTEHOST
      Input the password of the remote user.

After doing those steps, you should be able to execute SSH-based commands (ssh, scp, ...) without inputting a password.
If not, let me know what went wrong.

One more thing, if you used a passphrase, you will need to input it when adding the key, but all subsequent actions with the server (SSH, SCP, ...) will be executed without requiring a password.
It is important to secure your key with a passphrase so if it ever gets stolen, it cannot be used without your passphrase.