Thanks to mbonati at CalTech!
I quote the steps, just in case the page disappears:
What must be done, then , is to generate a public/private key pair, and copy the public part into the appropiate place on the server side.
For doing this, on the user's home directory, on the client machine, type
local> ssh-keygen -t dsa -f .ssh/id_dsa
-t tells the type of encription
-f tells where to store the public/private key pairs. In this case, the .ssh directory on home is being used
A password will be asked; leave this part blank, just pressing
Now, go the .ssh directory, and you will find two new files: id_dsa and id_dsa.pub. The last one is the public part. Now, copy the public key to the server machine
local> cd .ssh
local> scp id_dsa.pub user@remote:~/.ssh/id_dsa.pub
Of course, this time you will need to enter the password.
Now, login into the server machine and go to the .ssh directory on the server side
local> ssh user@remote
remote> cd .ssh
Now, add the client's public key to the know public keys on the server
remote> cat id_dsa.pub >> authorized_keys2
remote> chmod 640 authorized_keys2
remote> rm id_dsa.pub
remote> exit
and that's all.
Next time you log into the remote server, no password will be asked.
Note that this sytem will work while none of the machines change its IP address and for the specific user, so it is still safe.
Posts
1 comment:
Found another reference for setting up ssh shared key authentication: http://ammonlauritzen.com/blog/2006/04/16/shared_key_ssh_authentication/
Post a Comment