SSH Without a Password

Home / Notes / SSH Without a Password
=====================================

The following steps can be used to ssh from one system to
another without specifying a password.

Notes
------

A. The system from which the ssh session is started via the
   ssh command is the [client]

B. The system that the ssh session connects to is the [server].

C. These steps seem to work on systems running OpenSSH.

D. The steps assume that a RSA key is being used because
   OpenSSH has deprecated DSA keys as being "too [] weak and
   [] recommend[s] against [their] use" (see OpenSSH Legacy Options). To use a DSA key (for example,
   on an older system) substitute 'dsa' for 'rsa'.

E. The steps assume that you are using a Bourne-like shell
   (sh, ksh or bash)

Steps:
------

1. On the [client] run the following commands:

    $ mkdir -p ~/.ssh
    $ chmod 0700 ~/.ssh
    $ ssh-keygen -t rsa -f ~/.ssh/id_rsa -P ''

   This should result in two files, ~/.ssh/id_rsa (private key)
   and ~/.ssh/id_rsa.pub (public key).

2. Copy ~/.ssh/id_rsa.pub to the [server].

3. On the [server] run the following commands:

    $ mkdir -p ~/.ssh
    $ chmod 0700 ~/.ssh
    $ cat id_rsa.pub >> ~/.ssh/authorized_keys2
    $ chmod 0600 ~/.ssh/authorized_keys2

   Depending on the version of OpenSSH the following commands
   may also be required:

    $ cat id_rsa.pub >> ~/.ssh/authorized_keys
    $ chmod 0600 ~/.ssh/authorized_keys

   An alternative is to create a link from authorized_keys2 to
   authorized_keys:

   $ cd ~/.ssh && ln -s authorized_keys2 authorized_keys

4. On the [client] test the results by ssh'ing to the [server]:

    $ ssh -i ~/.ssh/id_rsa [server]

   If a password prompt appears, adding the -v option before the
   -i option may be helpful to determine the problem.

5. (Optional) Add the following ~/.ssh/config on the [client]:

    Host [server]
        IdentityFile ~/.ssh/id_rsa

   This allows access to the [server] without having to specify
   the id_rsa file as an argument to ssh each time.

Translations:
-------------

Indonesian translation by Jordan Silaen / ChameleonJohn.com:
 
http://www.chameleonjohn.com/translations/ssh_nopass-Indonesian

References:
-----------

1. http://www.der-keiler.de/Mailing-Lists/securityfocus/Secure_Shell/2002-12/0083.html
2. ssh(1), ssh-keygen(1), ssh_config(5)