Red Green Software » shell http://www.red-green.com We take stopped projects and get them going again. Sun, 05 Sep 2010 15:27:00 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 Automatic SSH login using RSA/DSA keys http://www.red-green.com/2007/06/automatic-ssh-login-using-rsadsa-keys/ http://www.red-green.com/2007/06/automatic-ssh-login-using-rsadsa-keys/#comments Wed, 20 Jun 2007 20:28:26 +0000 stevet http://www.red-green.com/2007/06/automatic-ssh-login-using-rsadsa-keys/ Creating the RSA Key 
ssh-keygen -t rsa

This will create the id_rsa and id_rsa.pub files. The id_rsa.pub file located in ~/.ssh is your public key. Copy it to the system you want to automatically login to. See `man ssh-keygen` for more options. Why do I only show RSA keys? Because it's safer then the DSA keys according to the putty developers (see section 8.2.2) . I'm sure that all the bugs in DSA have been fixed by now, including the key generation problems, but why take unnecessary risks?

Public Key Adding Script

#!/bin/sh
# September 23, 2003 (initial)
# Updated August 23, 2006 (updated)
#
# Steve Thielemann
#
# A script file to add ssh key
#
# 1.) Verifies ~/.ssh directory exists, if not creates and
#     fixes permissions.
# 2.) Verifies ~/.ssh/authorized_keys exists, if not creates and
#     fixes permissions.
# 3.) Checks to see if ssh key is already present, if not adds to
#     ~/.ssh/authorized_keys.
#
# dependant on:  grep, touch, chmod, cut
#
if [ -z $1 ]
then
echo "I need the filename of a public key to add."
echo "(The .pub file created from ssh-keygen -t rsa)"
echo "Example:  $0 remote_rsa.pub"
exit
fi
if [ -f $1 ]
then
keyid=`cut -f3- '-d ' < $1`
else
echo "I can't find $1 !"
exit
fi
echo "Using ID $keyid"
# variables to make life easier
sshdir=~/.ssh
keyfile=~/.ssh/authorized_keys
if [ ! -d "$sshdir" ]
then
echo "Making $sshdir"
mkdir "$sshdir"
chmod 700 "$sshdir"
fi
if [ ! -f "$keyfile" ]
then
echo "Creating $keyfile"
touch "$keyfile"
chmod 644 "$keyfile"
fi
grep "$keyid" "$keyfile" > /dev/null
if [ $? = 1 ]
then
echo "Adding key to $keyfile"
cat $1 >> "$keyfile"
else
echo "Key $keyid already present."
fi
# the end

Or: download the auto SSH script .

Notes About the Script

The script doesn't do anything fancy, and once it has been run, adding additional keys is as simple as doing cat id_rsa.pub >> ./ssh/authorized_keys ! But, if the system hasn't been rsa public keyed before, this script will take care of setting all the file permissions correctly.

Configuring SSH to use the RSA Key

In your ~/.ssh/config file, add the following lines: Host nameyoucallsite Hostname 10.0.0.1 (or hostname) IdentityFile ~/.ssh/id_rsa User usernameonsite The hostname, if you set it with an IP address, it will always work (assuming your internet connection is working). If you use a hostname, it will only work if DNS is working. (Hint, if the server you are sshing into is the DNS server for that domain, make sure you have the IP address somewhere just in case!) User is the login name for that box. The IdentityFile is the file that you created, I usually create many keys, one for each project that I am involved in. Once configured, doing `ssh nameyoucallsite` is all that is required to login to the site.

]]> http://www.red-green.com/2007/06/automatic-ssh-login-using-rsadsa-keys/feed/ 1