Squirreling

storing bits of the internet away for a rainy day

Passwordless ssh

Posted by squirreling on June 11, 2008

http://linuxproblem.org/art_9.html

SSH login without password

Your aim

You want to use Linux and OpenSSH to automate your tasks. Therefore you need an automatic login from host local / user me to host remote / user metoo. You don’t want to enter any passwords, because you want to call ssh from within a shell script.

How to do it

First log in on local as user me and generate a pair of authentication keys. Do not enter a passphrase:

me@local:~> ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/me/.ssh/id_rsa):
Created directory '/home/me/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/me/.ssh/id_rsa.
Your public key has been saved in /home/me/.ssh/id_rsa.pub.
The key fingerprint is:
3e:4f:05:79:3a:9f:96:7c:3b:ad:e9:58:37:bc:37:e4 me@local
me@local:~> chmod 600 /home/me/.ssh/id_rsa

Now use ssh to create a directory ~/.ssh as user metoo on remote. (The directory may already exist, which is fine):

me@local:~> ssh metoo@remote 'mkdir -p .ssh && chmod 700 .ssh'
metoo@remote's password:

Finally append me’s new public key to metoo@remote:.ssh/authorized_keys and enter metoo’s password one last time:

me@local:~> cat .ssh/id_rsa.pub | ssh metoo@remote 'cat >> .ssh/authorized_keys'
metoo@remote's password:
me@local:~> ssh metoo@remote chmod 644 .ssh/authorized_keys
metoo@remote's password:

From now on you can log into remote as metoo from local as me without a password:

me@local:~> ssh metoo@remote hostname
remote

Keywords: ssh openssh password
Author: Mathias Kettner

* Edited by me to change the users/hosts to me@local and metoo@remote

* Edited so that files have correct permissions. The .ssh directory should be 700, the .ssh/id_rsa should be 600, and the .ssh/authorized_keys file should be 644. Added troubleshooting section. Thanks to this thread for help setting up passwordless ssh on Fedora.

Troubleshooting:

  • On the remote machine, kill sshd (try ‘sudo /etc/init.d/sshd stop’ or ‘sudo pkill sshd’)
  • Run sshd on the remote machine with ‘sshd -dd -e’ to view verbose output
  • Open a new terminal on the local machine and try to log in to the remote (‘ssh -v metoo@remote’)
  • Look for any error messages in the output. Fix them then restart sshd. (‘sudo /etc/init.d/sshd start’)
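
A frequent cause of key logins still asking for a password is file modes: with sshd's default StrictModes setting, a key is refused when the home directory, ~/.ssh or authorized_keys is writable by group or others. The script below is an added example, not part of the original article; it audits the modes listed above before you resort to debug mode. The function names are made up for this example and it assumes GNU coreutils stat, as shipped on Linux.

```shell
#!/bin/sh
# Added example (not from the original article): audit the modes used above.
# Assumes GNU coreutils stat ("stat -c %a"), as shipped on Linux.

mode_of() { stat -c '%a' "$1"; }      # octal permission bits, e.g. 700

# True when the path is writable by group or others (mode & 022 != 0).
loose() {
    lm=$(mode_of "$1")
    [ $(( 0$lm & 022 )) -ne 0 ]
}

# check_ssh_perms SSH_DIR
# Prints one line per finding; returns 0 when clean, 1 otherwise.
check_ssh_perms() {
    dir=$1
    rc=0
    if [ ! -d "$dir" ]; then
        echo "MISSING $dir"
        return 1
    fi
    # Home directory (parent of .ssh): must not be group/other writable.
    if loose "$dir/.."; then
        echo "BAD $dir/.. mode=$(mode_of "$dir/..") (group/other writable)"; rc=1
    fi
    # .ssh itself: the article sets 700.
    m=$(mode_of "$dir")
    if [ "$m" != 700 ]; then
        echo "BAD $dir mode=$m want=700"; rc=1
    fi
    # Private key (local side): 600.
    if [ -f "$dir/id_rsa" ]; then
        m=$(mode_of "$dir/id_rsa")
        if [ "$m" != 600 ]; then
            echo "BAD $dir/id_rsa mode=$m want=600"; rc=1
        fi
    fi
    # authorized_keys (remote side): 644 or 600 pass, 664 or 666 do not.
    if [ -f "$dir/authorized_keys" ] && loose "$dir/authorized_keys"; then
        echo "BAD $dir/authorized_keys mode=$(mode_of "$dir/authorized_keys") (group/other writable)"; rc=1
    fi
    return $rc
}

# Usage: check_ssh_perms "$HOME/.ssh"   (as me on local and as metoo on remote)
```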