ssh_key

Using ssh Without Passwords

Notation

Variable          Description

machine_local     Name of the machine from which you will initiate ssh commands.
password_local    Your ssh password on machine_local.
comment           A very short comment used to identify the ssh key pair used on machine_local.
type              The type of key pair that machine_local will use. This should be either rsa or dsa.
pid               The process id corresponding to the ssh-agent running on machine_local.
machine_remote    Name of the remote machine where ssh commands will be executed.
user_remote       Your user name on machine_remote.
password_remote   Your login password on machine_remote.

Step 1: Create Key Pair

On machine_local execute the commands

      cd
      ssh-keygen -t type -C comment

In response to the prompt

Enter file in which to save the key (… .ssh/id_type):

hit return (to choose .ssh/id_type for your private key file). In response to the prompt

Enter passphrase (empty for no passphrase):

enter password_local. In response to the prompt

Enter same passphrase again:

enter password_local.

Step 2: Setup ssh-agent

The following bash script is a modification of a post on a cygwin mailing list:

      #
      # file where start_ssh_agent stores environment variable values
      SSH_ENV="${HOME}/.ssh/environment"
      #
      # start a new ssh-agent
      function start_ssh_agent {
          # comment out the echo line so that sourcing the file is silent
          ssh-agent | sed -e 's/^echo /# &/' > "${SSH_ENV}"
          chmod 600 "${SSH_ENV}"
          . "${SSH_ENV}" > /dev/null
          echo "New ssh-agent pid = ${SSH_AGENT_PID}."
      }
      # check if environment variable is set
      if [ "${SSH_AGENT_PID}" == "" ]
      then
          # check if file with environment variables exists
          if [ -f "${SSH_ENV}" ]
          then
              . "${SSH_ENV}" > /dev/null
          else
              start_ssh_agent
          fi
      fi
      # make sure environment variable matches process id
      # (an empty value means the environment file was stale or unusable)
      if [ -z "${SSH_AGENT_PID}" ] || ! ps -ef | grep "${SSH_AGENT_PID}" | grep 'ssh-agent' > /dev/null
      then
          start_ssh_agent
      fi
      #
      # get the fingerprint for the private key in ${HOME}/.ssh
      # (absolute paths, so this works whatever the current directory is)
      if [ -e "${HOME}/.ssh/id_dsa" ]
      then
          id=$(ssh-keygen -lf "${HOME}/.ssh/id_dsa" | sed -e 's/[^ ]* \([^ ]*\).*/\1/')
      fi
      if [ -e "${HOME}/.ssh/id_rsa" ]
      then
          id=$(ssh-keygen -lf "${HOME}/.ssh/id_rsa" | sed -e 's/[^ ]* \([^ ]*\).*/\1/')
      fi
      #
      # make sure identity has been added to ssh-agent
      if ! ssh-add -l | grep "$id" > /dev/null
      then
          echo "Run ssh-add to add your identity to ssh-agent."
      fi

This script makes sure that the ssh-agent daemon is running. It also prompts you to run ssh-add if you have not already done so. Add this script to the shell initialization file $HOME/.bashrc so that it is run whenever you start a new shell.

You can check if this script is being run by first running

      ssh-add -D

to remove all the identities from ssh-agent. Then when you start a new shell, you should see the message

Run ssh-add to add your identity to ssh-agent.

If this script is not run automatically when a shell starts up, you can run it with the command

      source $HOME/.bashrc

Step 3: Store Password in ssh-agent

If the script above prints the text

Run ssh-add to add your identity to ssh-agent.

you should run ssh-add to store a copy of your ssh password in the current ssh-agent. This is done by executing the command

      ssh-add

In response to the prompt

Enter passphrase for … .ssh/id_type:

enter password_local.

Step 4: Copy Public Key

On machine_local execute the command

      scp .ssh/id_type.pub user_remote@machine_remote:

In response to the prompt

user_remote@machine_remote's password:

enter password_remote.

Step 5: Authorization

On machine_local execute the commands

      ssh user_remote@machine_remote

In response to the prompt

user_remote@machine_remote's password:

enter password_remote. After the login response, enter the commands

      cat id_type.pub >> .ssh/authorized_keys
      exit
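
The append in Step 5 assumes that .ssh already exists on machine_remote, adds a duplicate line each time it is repeated, and leaves file modes to the current umask; with sshd's default StrictModes setting, an authorized_keys file or .ssh directory that is group- or world-writable is ignored. The following added example (not part of the original page) does the same append safely; the function name install_pubkey and its two arguments are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original page.
# install_pubkey PUBFILE [HOMEDIR]  (hypothetical name and arguments)
# Safe, repeatable form of: cat id_type.pub >> .ssh/authorized_keys
install_pubkey() {
    pub=$1
    home=${2:-$HOME}
    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }

    # Accept exactly one non-empty line that starts with a public key type.
    # This rejects a private key file copied by mistake.
    [ "$(grep -c . "$pub")" -eq 1 ] || { echo "$pub: expected one key line" >&2; return 1; }
    key=$(grep . "$pub")
    case $key in
        ssh-rsa\ *|ssh-dss\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "$pub: not a public key line" >&2; return 1 ;;
    esac

    # Create the directory and file private to the user, then force the
    # modes in case they already existed with looser permissions.
    (
        umask 077
        mkdir -p "$home/.ssh" && touch "$home/.ssh/authorized_keys"
    ) || return 1
    chmod 700 "$home/.ssh" && chmod 600 "$home/.ssh/authorized_keys" || return 1

    # Append only if this exact line is not already present.
    if ! grep -qxF -- "$key" "$home/.ssh/authorized_keys"; then
        printf '%s\n' "$key" >> "$home/.ssh/authorized_keys"
    fi
}
```

On machine_remote, after defining the function, run install_pubkey id_type.pub in place of the cat command.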

Step 6: Test Authorization

On machine_local re-execute the command

      scp .ssh/id_type.pub user_remote@machine_remote:

This time you should not need a password to complete this command. If scp responds

Enter passphrase for key '… .ssh/id_type':

run the script in Step 2 by executing the command

      source $HOME/.bash_profile

then run ssh-add, as described in Step 3, and then try the scp command again.