Inhaltsverzeichnis
SSH - Remote Logon with Public Key
There a two different methods in order to configure a passwordless SSH logon on a remote HOME:
Passwordless SSH key
- Create ssh key pair (private and public key) without password: e.g.
ssh-keygen -b 4096 -t rsa -f [keyfile_name]
, typeENTER
(empty passphrase) - Configure logon to your remote HOME: Login to remote account and add content of
[public_keyfile].pub
(be careful to choose the file ending in .pub and not the private keyfile!!!) to the content of~/.ssh/authorized_keys
- Please ensure that the folder ~./ssh and the file ~/.ssh/authorized_keys only have access rights for the owner (group and others should have no rwx)
- Then you are ready to do remote ssh logon without password
Using the SSH agent
- Test if environment variables
SSH_AGENT
andSSH_AUTH_SOCK
are defined; if not invoke a new ssh agent viaeval $(ssh-agent)
- Create ssh key pair (private and public key) with password: e.g.
ssh-keygen -b 4096 -t rsa -f [private_keyfile]
, type a passphrase and hitENTER
- Add you private key to the
ssh-agent
:ssh-add [private_keyfile]
- Configure logon to your remote HOME: Login to remote account and add content of
[public_keyfile].pub
(be careful to choose the file ending in .pub and not the private keyfile!!!) to the content of~/.ssh/authorized_keys
- Please ensure that the folder ~./ssh and the file ~/.ssh/authorized_keys only have access rights for the owner (group and others should have no rwx)
- Then you are ready to do remote ssh logon without password
- BTW: The ssh-agent can be locked by password (
ssh-agent -x
; then type your password) and unlocked (ssh-agent -X
; then type your password) Attention:
The ssh-agent is not a permanent keystore! You have to add the private key manually for every new user session to the agent (e.g. on behalf of a script).
date of revision: 03-07-2019 © kraus