SSH Without a Password

The following steps can be used to ssh from one system to another without specifying a password.
Notes:

  • The system from which the ssh session is started via the ssh command is the client.
  • The system that the ssh session connects to is the server.
  • These steps seem to work on systems running OpenSSH.
  • The steps assume that a DSA key is being used. To use a RSA key substitute ‘rsa’ for ‘dsa’.
  • The steps assume that you are using a Bourne-like shell (sh, ksh or bash)
  • You should consider the security risks before implementing this feature

Steps:

  1. On the client run the following commands:
  2. $ mkdir -p $HOME/.ssh
  3. $ chmod 0700 $HOME/.ssh
  4. $ ssh-keygen -t rsa -f $HOME/.ssh/id_rsa -P ''

    This should result in two files, $HOME/.ssh/id_rsa (private key) and $HOME/.ssh/id_rsa.pub (public key).

  5. Copy $HOME/.ssh/id_rsa.pub to the server.
  6. On the server run the following commands:
  7. $ cat id_rsa.pub >> $HOME/.ssh/authorized_keys2
  8. $ chmod 0600 $HOME/.ssh/authorized_keys2
  9. Depending on the version of OpenSSH the following commands may also be required:

    $ cat id_rsa.pub >> $HOME/.ssh/authorized_keys
    $ chmod 0600 $HOME/.ssh/authorized_keys

    An alternative is to create a link from authorized_keys2 to authorized_keys:

    $ cd $HOME/.ssh && ln -s authorized_keys2 authorized_keys
  10. On the client test the results by ssh’ing to the server:
  11. $ ssh -i $HOME/.ssh/id_rsa server
  12. (Optional) Add the following $HOME/.ssh/config on the client:
    Host server
    IdentityFile ~/.ssh/id_rsa
  13. This allows ssh access to the server without having to specify the path to the id_rsa file as an argument to ssh each time.

4 thoughts on “SSH Without a Password

  1. I think there’s typo here. It’s not ‘id_dsa’ instead it’s ‘id_rsa’ in several places.

Comments are closed.