On machines with a single sysadmin where the root account is enabled, it might still be convenient to allow root login through key pairing only by disabling remote password login for root. To this end, /etc/sshd_config
should have the fololwing lines:
PermitRootLogin without-password
PubkeyAuthentication yes
Login still prompts for the password, but is eventually refused, even if correct.
- Create a
config
file in~/.ssh
on the client's side, or copy the system-wide ssh client configuration file from/etc/ssh_config
(/private/etc/ssh_config
on OS X) - Add a host block for each host to be aliased in the following way:
Host <alias>
Hostname <host's name or ip address>
Host <alias>
Hostname <host's name or ip address>
User <username>
Port <port>
The shell auto-completes hostnames from ~/.ssh/known_hosts
.