Skip to content

Instantly share code, notes, and snippets.

@Mausy5043

Mausy5043/CLI.md

Last active May 1, 2019 19:54
Show Gist options
  • Save Mausy5043/e51e109983820037648a to your computer and use it in GitHub Desktop.
Save Mausy5043/e51e109983820037648a to your computer and use it in GitHub Desktop.
Download ZIP
Setup SSH login without password
Raw
CLI.md

Setup SSH login without password

I am logged in on host "mac" as user "mausy" and want to remotely login on host "raspberry" as user "pi". But I don't want to have to enter my password every time. This is where SSH public keys come in handy.

(please note that all passwords and keys shown below are fictional)

NOTE: Make sure you have SSH installed on both hosts. SSH usually also comes with scp which will be used also.

I will start by creating a public key on host "mac":

mausy@mac ~ $ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/mausy/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/mausy/.ssh/id_rsa.
Your public key has been saved in /Users/mausy/.ssh/id_rsa.pub.
The key fingerprint is:
e2:70:80:5d:77:68:6c:ad:5a:14:c7:b2:5f:70:56:b7 mausy@mac
The key,s randomart image is:
+--[ RSA 2048]----+
|      ..o=o  .. .|
|   o . .Bo+ o  ..|
|  . o  + + +   E |
|     .  +   .    |
|    . ooS. .     |
|     +..  .      |
|      .          |
|                 |
|                 |
+-----------------+
mausy@mac ~ $

Next, I make sure that the user "pi" has a .ssh directory. If the directory already exists, this is no problem. Depending on the network configuration you are using, the hostname.domainname may either need to be raspberry or raspberry.local. I've setup my own DNS-server and defined the local domain as lan. Check what works for you. I use:

mausy@mac ~ $ ssh pi@raspberry.lan mkdir -p .ssh
pi@raspberry.local,s password:
mausy@mac ~ $

Now, copy the public key to the remote host:

mausy@mac ~ $ scp .ssh/id_rsa.pub pi@raspberry.local:/home/pi/.ssh/authorized_keys
pi@raspberry.local,s password:
id_rsa.pub                                       100%  395     0.4KB/s   00:00
mausy@mac ~ $

And finally, login on the remote server and discover that you don't need to enter your password.

mausy@mac ~ $ ssh pi@raspberry.lan
Linux raspberry 3.18.0-trunk-rpi #1 PREEMPT Debian 3.18.5-1~exp1+rpi16 (2015-03-28) armv6l

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
pi@raspberry ~ $

We do need to make a small modicifation though, for security reasons:

pi@raspberry ~ $ chmod 600 .ssh

If you have multiple remote hosts just copy the same public key to all of them as shown above.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment