A lot of Web devs and App devs probably login to their VPS or Cloud Server with SSH very frequently to deploy their apps or maintain the server. Needing to type the password everytime could be crumblesome and insecure. I’ll show you how to how to setup password-less SSH login and some more practical usage. This article applies to Linux and Mac users.
In your machine, use the following command
If it ask you where to save the key, press Enter to use the default location. (default is [your home]/.ssh/id_rsa)
cat ~/.ssh/id_dsa.pub | ssh email@example.com 'cat >> ~/.ssh/authorized_keys'
Try to SSH login again, you don’t need to enter password anymore!
What just happened?
Assume that you already know what is Public-key cryptography, the “ssh-keygen” command basically generate a pair of keys (private key and public key). And you know that to establish a secure communication, you need to share the public key to the other party, in this case, the server. The second command append the content of the public key “id_dsa.pub”, which is basically a text file, to the “~/.ssh/authorized_keys” file of the remote server. And that’s all you need to do to let the magic happen.
More practical use-cases and tricks
Besides saving your time typing…
There’s some applications also require SSH, for example Git. It would be much more convenient and secure after setting up password-less SSH. Imagine you have to setup a Cron job to fetch a remote Git repo or any app that require ssh, you’ll not need to embed your password in the command or shell scripts.
Multiple clients accessing the same server
If you share the server with other people (e.g. colleagues), or having more than one workstations, you should generate a pair of keys for each client and add their public key to the “authorized_keys” file to the server user. Since the file is located in the user home dir, therefore remember to edit the correct “authorized_keys” file as that is tied to the specific user on the server.
Setting up multi-node clusters
If you want to setup a web server / hadoop cluster, I believe most of you will choose to embrace virtualization nowadays : setup 1 “template” node and clone for as many node as you want. Before you clone the nodes, consider generating a pair of ssh Keys, and add your key to the “authorized_keys”, (or generate N pairs of keys if you prefer the more secure approach). In that way, all the nodes you’ve cloned will not require passwords to communicate with each other!
Note: The folder “.ssh” must be set to permission 755, you can do so by “chmod 755 ~/.ssh”