Advertisements

Create SSH identity files for passwordless login

The SSH command-line program supports the use of identify files (via the -i parameter) to use certificate-based login. This is useful if you want to bypass the manual entry of passwords, or script an SSH or scp task.

Generating the identity files is relatively quick and easy.

First, lets assume there are two Linux systems, the local system (where the SSH connection originates), and the remote system (where the connection is being made to).

On the local system, run ssh-keygen

ssh-keygen

You can accept the default location of the keyfiles (~/.ssh), and press enter twice to generate the keyfiles with no password.

Now, in your destination directory you will have two files, id_rsa and id_rsa.pub. The file with the .pub extension is the public keyfile, while the other is the private one.

For security, chmod the .ssh directory to 0700.

chmod 0700 ~/.ssh

Transfer the public keyfile to your target system.

on your target system, create ~/.ssh directory with 0700 mode.

mkdir ~/.ssh
chmod 0700 ~/.ssh

rename the id_rsa file to authorized_keys and place it in ~/.ssh

You can now try to ssh into the target system by specifying the -i paremeter with the private keyfile.

Enjoy!

Further reading:

Advertisements