Passwordless SSH Logins? Easy!
Secure Shell (SSH) has become a critical part of my tool box. I can bounce from machine to machine with speed and ease all the while knowing my connections are encrypted and what I am doing and what I am downloading is my business.
One of the best things about SSH is its ability to have long term trust which does away with the passwords associated with an action.
HOWTO Assumptions, a linux desktop with OpenSSH installed and a remote system with an SSH server on it.
Use Case:
You log into your Linux desktop (So you enter a username and password) and you are now securely logged into a secure OS. You also have a Network Attached Storage (NAS) Device on the network and you would like to set up a reliable backup job to back up your home folder onto the NAS every night. There are only a million ways to do this, but since you have installed Google desktop search on your Linux box, you want to be able to search your offline home directory as well, this requires that your remote directory is mounted locally on Linux. Well it just so happens your NAS is a Linux based NAS so has an SSH server on it. Your desktop has the OpenSSH package installed, this is the SSH package of choice for me since it dopes everything on every platform.
Ok, but lets get to it.
we want to be able to do this:
ssh my_remote_login@my_nas_deviceAll without the system asking for the remote password. Now I don't recommend that you do this for every connection, in fact I would say unless you own environment is secure, don't do this.
First, you need security credentials, they will probably be found by LSing the ssh folder in your Home Dir:
ls -l ~/.sshYou should see something like:
-rw------- 1 franco franco 1675 2010-03-31 07:48 id_rsa
-rw-r--r-- 1 franco franco 403 2010-03-31 07:48 id_rsa.pubIf not, we need to build them. run this command on your system:
ssh-keygen -t rsaAccept all defaults and leave the passphrase blank and this should now put the above mentioned credentials in your ~/.ssh/ folder.
Now that you have credentials, you can easily "PUSH" your credentials to the remote system like this:
ssh-copy-id -i ~/.ssh/id_rsa.pub your_remote_login@your_nas_deviceor if you are on an alternate port like 222
ssh-copy-id -i ~/.ssh/id_rsa.pub "-p 222 your_remote_login@your_nas_device"you will be asked for you password on the remote system one last time.
Now when you use SSH to log into the NAS like this:
ssh my_remote_login@my_nas_deviceIt will just let you in, no password. Now you are ready to mount drives.
I install sshfs and then make mount entries in my FSTAB but more importantly, in my own home, from my desktop, I can SSH into every machine in my home very quick and easy.....