Home

About

« Back to Network

Forget about SSH passwords with SSH keys

You will need to have OpenSSH installed on your computer, and on the computers you want to connect to.

Create you SSH key

Create your SSH key with this command:

ssh-keygen -t dsa

Accept the default file location in which to save the key, and type a password to protect the key. Look into your .ssh directory: you should have two new files,

Keep your private key secret, and give your public key to whoever you want to verify your identity.

Let other computers recognize you

Let's say your want to connect with SSH to machine.domain.com without entering your password. Store your public key in the right place on the remote host:

scp ~/.ssh/id_dsa.pub machine.domain.com:.ssh/authorized_keys2

Careful: if the file .ssh/authorized_keys2 already exists there, it will be overwritten. In that case, you'll prefer to append your file to the existing one.

Activate your key each time you log in

Add ssh-add to the set of commands that your system runs each time you log in. With the GNOME desktop, you'll need to open the "Session" preference dialog and add the program like this:

Now log out and log in again: you should be asked for a password (the one you used earlier).

Enjoy!

You should now be able to log into any system that has your public key in its authorized keys file, without entering a password:

ssh machine.domain.com

If it doesn't work right away, replace ssh with ssh -vvv (very very verbose mode!) to know what is going on.

This also works with scp. No more passwords!