crib sheet: ssh single-login/no password · @rts’s ryanschwartz.net

via: <a href="http://www.cygwin.com/ml/cygwin/2003-03/msg00289.html">Robert Citek - crib sheet: ssh single-login/no password ( was Re: ssh-keygen )</a>

How to set up a no-password ssh connection from A to B, where A && B == trusted machines

== blank passphrase

1) generate private/public keys on A

$ ssh-keygen -t dsa

press enter when it asks for the filename

press enter when it asks for the passphrase (yes, a blank passphrase)

this will generate two files: ~/.ssh/id_dsa and ~/.ssh/id_dsa.pub

2) put ~/.ssh/id_dsa.pub from A into ~/.ssh/authorized_keys2 on B

$ cat ~/.ssh/id_dsa.pub | ssh B ‘cat >> ~/.ssh/authorized_keys2’

3) make sure all files are not writable or readable except by owner

do this on A and B

$ chmod a-x,go-w,o-r ~/.ssh/*

4) verify it works

$ ssh B ls -la

== single-logon

1) generate private/public keys on A

$ ssh-keygen -t dsa

press enter when it asks for the filename

enter a passphrase

this will generate two files: ~/.ssh/id_dsa and ~/.ssh/id_dsa.pub

2) put ~/.ssh/id_dsa.pub from A in ~/.ssh/authorized_keys2 on B

$ cat ~/.ssh/id_dsa.pub | ssh B ‘cat >> ~/.ssh/authorized_keys2’

3) make sure all files are not writable or readable except by owner

do this on A and B

$ chmod a-x,go-w,o-r ~/.ssh/*

4) use ssh-agent to manage passphrases

$ eval $(ssh-agent)

5) make agent aware of passphrases

$ ssh-add # enter the appropriate passphrase for each remote host

6) verify everything works

$ ssh B ls -la