How to setup quick, passwordless login using SSH?
There are two parts to this tutorial. In the first one, I am going to show how to login to a remote server without using a password (when you normally do need a password to login). Secondly, I am also going to show you how to setup SSH on your local machine so that you can use short aliases to connect to remote machines.
I have successfully used these techniques on Linux and Mac OS X for the past year or so. Lets get started:
For the purpose of this tutorial, I will show you how to connect from Mac OS X client to a Linux server. You need to get the contents of your RSA public key from your Mac OS X host. Here is how I did it:
That prints the contents of the file. Now, login to your remote host using the user account that you want to be used for passwordless connection/login. You just need to copy the contents from ~/.ssh/id_rsa.pub (as it is) to ~/.ssh/authorized_keys on the remote host.
IMPORTANT: If you already have some data in the target file then you just need to concatenate ie. paste the new content from the beginning of the next line in ~/.ssh/authorized_keys. You may also use ssh-copy-id to do the copy for you but it is not available on Mac OS X. See, ‘man ssh-copy-id’ for more details.
Once you are done copying the contents to ~/.ssh/authorized_keys, you should now be able to login to the remote host without entering the password. Something like,
In the example above, I am connecting to 'remote-host.com' as user 'remote_user'. Please note that we still need to mention the username and remote hostname. Also, in some cases the remote hostnames are too long (e.g. Amazon EC2 hosts) and hard to remember. To solve these problems, you need to edit the ~/.ssh/config file on your local host and create a new configuration/label for your remote host. Here is what I’d do, if I had to connect using the above username and hostname.
Host remote HostName remote-host.com User remote_user ServerAliveInterval 180 ServerAliveCountMax 10
The first line above mentions a label to be used to connect to the remote host and rest are self explanatory (last two lines are optional and will depend on your SSH configuration). Now, I can connect to remote host by just typing in the following on local host:
Please note that, you could also mention identity file and other such information in ~/.ssh/config file. Another example, using an identity file.
Host remote HostName remote-host.com User remote_user ServerAliveInterval 180 ServerAliveCountMax 10 IdentityFile /Users/localuser/keys/id.pem
Please note that you can have multiple labels/aliases/configurations in ~/.ssh/config.
Did this tutorial help a little? How about buy me a cup of coffee?
Please feel free to use the comments form below if you have any questions or need more explanation on anything. I recommend thoroughy testing on a production-like test system first before moving to production.