SSH public key login – passwordless

How to
Posted on | by admin

 

instructions from dream host wiki but can be applied to any debian host

Passwordless Login

Unix, Linux, Mac OS X, and Cygwin

Users can set up SSH so that they have passwordless ssh access to DreamHost servers. (Please read ‘Single Password Logon’ for security concerns.)

On your home computer, you must generate an RSA private key (or DSA), using ssh-keygen (unless you already have one):

ssh-keygen -t rsa

It will prompt you for three things, hit enter to accept the default on all three.

Next, you must copy your public key to DreamHost’s server; easiest is to use ssh-copy-id. Replace user and example.com with your username and domain name, respectively.

ssh-copy-id -i ~/.ssh/id_rsa.pub user@example.com

You will then be prompted for your SSH password. This will copy your key to user@example.com:~/.ssh/authorized_keys automatically.

Note: Mac OS X does not support ssh-copy-id. If your home computer does not support ssh-copy-id, then the following will do the same thing by hand.

This one-line command should get everything all set up in one go:

([ -f ~/.ssh/id_rsa.pub ] || ssh-keygen -t rsa ) && (ssh user@example.com "([ -d ~/.ssh ]||mkdir -m 700 ~/.ssh) && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys" < ~/.ssh/id_rsa.pub)

By hand

Copy your security certificate generated using ssh-keygen (see above)

scp ~/.ssh/id_rsa.pub user@example.com:~/

SSH to the machine you wish to connect to.

ssh user@example.com

Now append the public key to your authorized keys file and delete the file you uploaded:

mkdir .ssh
cat id_rsa.pub >> .ssh/authorized_keys
rm id_rsa.pub

Now make sure permissions are set properly for all necessary files and directories:

chmod go-w ~
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

If everything is configured properly, you should be able to access your DreamHost account through SSH without a password now!

For more information, see the man pages for ssh, ssh-keygen, ssh-copy-id, and sshd. “Getting started with SSH” is a step-by-step tutorial which you may find helpful.

Note that permissions on your home directory may get messed up if you use rsync with the home directory itself as a target, which is not uncommon for Personal Backup user – see Personal Backup#Automated Backups on how to fix this. 

Leave a Reply