Suppose you want to connect to/from a remote Linux machine (that might as well be a virtual machine) via SSH, but without having to type in the password each time.
In the following, I will be referring to:
mainmachine: the machine from which you want to SSH to the remote machine without typing in the password;
remotemachine: the machine you are SSH-ing into from the main machine.
Create a pair of SSH keys
In order to log in via SSH without typing in the password, the remote machine only needs to know the main machine via its public SSH key.
main machine, generate a SSH key pair to use for logging in to the
1 ssh-keygen -t rsa
Save the key pair as
Do NOT provide a passphrase if the intention is to use this automatic login for automated tasks (e.g. for scripts where SSH is used indirectly, such as when copying files or pushing to a git repository).
Make the remote know the main machine
This is done by copying the public key of the
main machine to the
~/.ssh directory does not exist on
remote, create it first. Then append the public key that was generated during the previous step to the list of known hosts for
1 cat ~/.ssh/id_rsa.pub | ssh user@remote 'cat >> ~/.ssh/authorized_keys'
Test the automatic login
main, you should be able to SSH to the
remote machine without having to type in the password:
1 ssh user@remote
Creating a SSH key pair without a passphrase means the private key remains unencrypted. If somebody has access to the
main machine or manages to exploit a vulnerability and gains access to it, the private SSH key is just out there in plain sight.