-
Notifications
You must be signed in to change notification settings - Fork 3
Passwordless SSH
smska edited this page Aug 10, 2019
·
2 revisions
You can specify a file with the format
user1@host1 port1
user2@host2 port2
...
as the first argument to this script and run it to set up all SSH connection pairs and skip to step 3
- Generate a key pair (You can skip this stage if you already have a key pair):
ssh-keygen -t rsa -b 2048
- Copy your public key to the remote machine
cat ~/.ssh/id_dsa.pub | ssh user@remote.machine.com 'cat >> .ssh/authorized_keys'
or
ssh-copy-id user@remote.machine.com -p port
- Set SSH agent so that you don't have to enter your passphrase every single time you log in:
Create these aliases for convenience on your machine:
alias agent='rm -f "$HOME"/.ssh/`hostname`.agent ; ssh-agent -t 86400 | grep -v echo > "$HOME"/.ssh/`hostname`.agent ; source "$HOME"/.ssh/`hostname`.agent ; ssh-add'
alias sshagent='if [ -e "$HOME"/.ssh/`hostname`.agent ]; then source "$HOME"/.ssh/`hostname`.agent ; fi'
Run 'agent' once on your machine, and 'sshagent' for every shell instance
You can modify the -t flag inssh-agent -t 86400to adjust the time needed to reenter your passphrase (in seconds)
- To prevent password login to root, add the following to /etc/ssh/sshd_config on the server:
PermitRootLogin prohibit-password
- To prevent login to a user, add the following to /etc/ssh/sshd_config on the server:
PasswordAuthentication no