Search This Blog

Friday, November 9, 2012

How to Setup SSH for Auto Login

It's common to use ssh and scp for communicating and transferring files to and from a server. If you want to auto-login without a password, here's how to setup SSH to use encryption keys to do so.

On the Server

Use ssh to login to your server under the account name you want to use.
Run ssh-keygen to create an encryption key pair, the public and private keys. You can just hit return for each question.
[backup@server ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/backup/.ssh/id_rsa):
Created directory '/home/backup/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/backup/.ssh/id_rsa.
Your public key has been saved in /home/backup/.ssh/
CD to the .ssh dir and list the files to understand what you've got:
[backup@server ~]$ cd .ssh
[backup@server .ssh]$ ls
Add the public key to the SSH authorized_keys file. Be sure to use the >> to append it to any other keys you might have:
[backup@server .ssh]$ cat >> authorized_keys
Be sure the file is hidden from other users, and you can delete the public key now.
[backup@server .ssh]$ chmod 600 authorized_keys
[backup@server .ssh]$ rm

On the Client

Log-off the server, so you're back on the client. Enter your .ssh directory and download the id_rsa file (the private key) from the server to your local machine:
$ cd .ssh
$ scp .
$ chmod 600 id_rsa
Try it out:
$ ssh -l backup
[backup@server ~]$
And you can use scp for secure file transfer:
$ scp backup.tar.gz

SSH Agent

You can setup an environment variable to make it possible for programs that use SSH to find your keys, avoiding the requirement than you enter your passphrase each time.
Insert some lines like this into your .bash_profile:
if [ -z "$SSH_AUTH_SOCK" ] ; then
    eval `ssh-agent -s`

No comments: