SSH login without a password

If you regularly use ssh to log in to another machine within your LAN, you might be interested in establishing some level of trust between the machines. In order to achieve it we can generate a pair of keys. If it’s to be a mutual trust the keys need to be generated on all machines. In my case, it’s going to be a one-way trust. First create a pair of keys on the machine you usually log in from. Let’s call the machine ‘local_machine’ and the username will be ‘sheldon’:

sheldon@local_machine:~$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/sheldon/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/sheldon/.ssh/id_rsa.
Your public key has been saved in /home/sheldon/.ssh/id_rsa.pub.
The key fingerprint is:
3d:23:ab:6b:f3:27:46:44:6b:76:e2:41:5e:79:b8:d1 sheldon@local_machine
The key's randomart image is:
+--[ RSA 2048]----+
|           +     |
|        o = E    |
|       + o +     |
|        O.o      |
|       =S++      |
|        oo o     |
|       ..        |
|      o.o .      |
|     .o=.o       |
+-----------------+

Note that we need to leave the passphrases blank.

Then you need to copy the public key on the remote machine (remote_machine) with the user ‘fred’:

ssh-copy-id -i ~/.ssh/id_rsa.pub fred@remote_machine

Now fred@remote_machine ‘trusts’ sheldon@local_machine and lets him in without asking for his password. If it doesn’t work, you can edit /etc/ssh/sshd_config on the remote machine and add the following lines and restart ssh:

RSAAuthentication yes
PubkeyAuthentication yes

Have fun!

2 thoughts on “SSH login without a password

  1. Pingback: ssh - remote

Leave a Reply

Your email address will not be published. Required fields are marked *

* Copy This Password *

* Type Or Paste Password Here *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>