Charlie Harvey

Tip: Hassle Free Passwordless Remote SSH Login

Written by Charlie on

There is plenty of other documentation of how to set up remote passwordless ssh logins elsewhere on the web. But it often takes some faffing to make it work as you'd like. Now, I often do this, so I thought I’d write up the easiest way that I’ve found to do so. It only has two steps. However, the caveat emptor is that you really, really need to secure the machine from which you're doing this. If someone were to get hold of your key because you lunched out your unencrypted laptop, they'd be able to log in just the same as you. You have been warned!

1. Generate your key

You might need to generate some entropy whilst the key is being generated. Wobble the mouse, make the drive thrash, type random stuff and so on.

me@myhost:~$ ssh-keygen -t rsa -b 4096 Generating public/private rsa key pair. Enter file in which to save the key (/home/charlie/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/charlie/.ssh/id_rsa. Your public key has been saved in /home/charlie/.ssh/id_rsa.pub. The key fingerprint is: ab:10:ab:c8:5d:4a:96:40:72:0d:6e:e2:a7:35:9b:f2 charlie@mishka The key's randomart image is: +--[ RSA 4096]----+ | .*o | --------------------<< more lines like that |...E . | +-----------------+

2. Copy your key to your server with ssh-copy-id

Props to Mike Gerwitz for posting the solution to using ssh-copy-id on nonstandard ports. You are running sshd on a nonstandard port, right?

me@myhost:~$ ssh-copy-id '-p23 -i /home/me/.ssh/id_rsa.pub user@host.com' Now try logging into the machine, with "ssh '-p23 -i /home/me/.ssh/id_rsa.pub user@host.com'", and check in:

.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

3. Log in

me@myhost:~$ ssh -p23 user@host.com No mail. Greetings professor Falken $

For the truly lazy

That was pretty straightforward, but here's a cut and pasteable version for the truly lazy (ie. me). Replace the underscores with your details.

ssh-keygen -t rsa -b 4096 ssh-copy-id '-p_ -i ///.ssh/id_rsa.pub @.' ssh -p @._


Comments

  • Be respectful. You may want to read the comment guidelines before posting.
  • You can use Markdown syntax to format your comments. You can only use level 5 and 6 headings.
  • You can add class="your language" to code blocks to help highlight.js highlight them correctly.

Privacy note: This form will forward your IP address, user agent and referrer to the Akismet, StopForumSpam and Botscout spam filtering services. I don’t log these details. Those services will. I do log everything you type into the form. Full privacy statement.