ssh without password?

stan_laurel · n00b Joined: 27 Jul 2002 Posts: 71 Location: Germany

Hi!
I want to login from my local machine where i am user xxx to another machine as a user yyy.
This could be done the following way:

n0n · Guru Joined: 13 Jun 2002 Posts: 355

What you need to do is generate a public key on your box. Then send that public key over to the box that you want to transfer files to, and stick it in the user's ~/.ssh/authorized_hosts file. If you don't want any password at all, then make sure that the public key you've created isn't password-protected (this should go without saying, I suppose). So when you're asked for a password during the key creation, just hit Enter.

There's actually some pretty good information about this on sourceforge.net, although obviously the procedure for uploading the keys to sourceforge.net don't apply.

kyron · Posted: Tue Sep 03, 2002 5:11 pm Post subject:

Yu will need to incorporate the public key (of the destination machine) into your ~/.ssh/ directory (known_hosts or something like that...) ... the details of the procedure eludes me for the moment (did i a long time ago) and it does work well...though I did it for the root user, don't know if it works for use on other users though....

The procedure can be a bit*h but it canbe done...

Here is a link that might help you:

http://astrophysics.phys.cmu.edu/pipermail/problems/2001-December/000308.html

Found this by performing the following search on google.com
(search for: ssh autologin public key)
:

[url]http://www.google.com/search?num=100&hl=en&lr=lang_en|lang_fr&ie=UTF-8&oe=UTF-8&q=ssh+autologin+public+key&spell=1[/url]
_________________
M$ Windows: When in doubt, REBOOT
Linux: When in doubt, RTFM ;-)

rizzo · Posted: Tue Sep 03, 2002 5:16 pm Post subject:

Using openssh, I believe the file is called "authorized_keys", not hosts. Plus you should only use ssh protocol 2, and then the file will be called "authorized_keys2".

n0n · Guru Joined: 13 Jun 2002 Posts: 355

klieber · Posted: Tue Sep 03, 2002 5:41 pm Post subject: Re: ssh without password?

rac · Posted: Tue Sep 03, 2002 5:41 pm Post subject:

rizzo · Posted: Tue Sep 03, 2002 6:27 pm Post subject:

stan_laurel · n00b Joined: 27 Jul 2002 Posts: 71 Location: Germany

Thanks for your help!
Everything works fine now - I am using keychain.
But there is a small problem left: man keychain says:

n0n · Guru Joined: 13 Jun 2002 Posts: 355

fireboy1919 · n00b Joined: 28 May 2002 Posts: 47

Aren't they all login shells?

They've recently modified keychain. I've found that placing this in my .bashrc works well:

keychain ~/.ssh/id_dsa ~/.ssh/identity ~/.ssh/id_rsa
source ~/.keychain/$HOSTNAME-sh > /dev/null

n0n · Guru Joined: 13 Jun 2002 Posts: 355

discostu · Guru Joined: 01 Nov 2002 Posts: 333

I can't get it to work. It still prompts me for a password after following the instructions on both the sourceforge link above and this link http://www.linuxgazette.com/issue67/nazario2.html. Any ideas?

klieber · Posted: Tue Mar 16, 2004 1:27 pm Post subject:

discostu · Guru Joined: 01 Nov 2002 Posts: 333

When I did the ssh-keygen it made a file called id_dsa and id_dsa.pub. I uploaded id_dsa.pub to sourceforge in .ssh directory. Then I used ssh-add to add id_dsa.

Here is the output from using -vv:

sikpig · n00b Joined: 26 Feb 2004 Posts: 22

Disco Stu;
You also need to copy the contents of id_dsa.pub from your local machine to authorized_keys on the SF server, like so:

discostu · Guru Joined: 01 Nov 2002 Posts: 333

Thanks sikpig! I had put it in my local authorized_keys but not on sf's authorized keys. It worked for shell.sf.net. I also tried adding cvs.sf.net, but that didn't work.

sikpig · n00b Joined: 26 Feb 2004 Posts: 22

I'm not sure how shell.sf.net and cvs.sf.net relate, ie. is it the same account, or do you just have the same userid for both systems. If they are not the same account (same home directory), then you need to copy the authorized_keys file to cvs.sf.net.

Have you looked at this: http://sourceforge.net/docman/display_doc.php?docid=761&group_id=1#top?

It seems that you may be able to manage your SSH keys through SF's account management site.

discostu · Guru Joined: 01 Nov 2002 Posts: 333

Cool! I had skimmed over it, but hadn't noticed that you could do it from the website. I also found that to ssh to cvs.sf.net you should use cvs1.sf.net. So now ssh to cvs1.sf.net works. However, cvs update still asks for a password.

-Stu
_________________
"Disco Stu doesn't advertise."

sikpig · n00b Joined: 26 Feb 2004 Posts: 22

Well, I'm no expert when it comes to CVS, and I have not used SourceForge the way you are, but this works for me on my CVS server (assuming that keys are already in place):

discostu · Guru Joined: 01 Nov 2002 Posts: 333

It seems to be working now, although I haven't done anything (it just started asking for passphrase instead of password, so I did an ssh-add and it works). Maybe it just took a while for sf's cvs to recognize the key.

Thanks,
Stu
_________________
"Disco Stu doesn't advertise."