September 14, 2009
ssh logins without passwords
According to “How To Become A Hacker”, No problem should ever have to be solved twice.
My problem: logging into a particular server via ssh. Each time I do that, I’ve got to open Keychain Access, search for “ssh”, find the correct Password item which I added in there previously, open it, click “Show password”, type in my password to unlock my keychain, copy the password, paste it into terminal, and I’m in. A perfect task to be automated!
The outline of the solution is to use public/private key cryptography to automatically authenticate myself to the server without having to use a password each time. The steps are:
- Generate a public and private key pair using using
ssh-keygen -t rsa
Just follow the prompts and choose the defaults (yes, the passphrase must be empty too). Your private key will be saved in /Users/your-name/.ssh/id_rsa and your public key will be saved in /Users/your-name/.ssh/id_rsa.pub - Edit id_rsa.pub and copy the key into textedit. Make sure the key ends with the username you’ll be logging into the remote system with (something like user@example.com).
- Copy the contents in textedit, ssh into the server as per normal, and append it to the end of the authorized_keys file in the .ssh/ folder.
- To test, log in again using ssh. If all has gone well, you shouldn’t need to re-type your password
You’re done! I’ve added an extra step, by creating a new file called ssh-example.com and putting my full ssh connection string in it. Then I headed over to /usr/bin and did a sudo ln -s /path/to/script/ssh-example.com which means next time I want to connect, I just type ssh-example.com into terminal.
Thanks to these guys for the help.
Roger Saner is a web platform developer (using 
