A personal and special request for our ssh experts.

[bigtomrodney]

Hi, my name is Tom and I'm a Linux addict. But that's not my dark secret....it's far worse. After years with Linux and using ssh on a daily basis I have to admit I've never setup public/private key authentication and I've never run passwordless logon to ssh.

It's not that I've never tried, I have - I've just never gotten it working. That to me is an almost alien concept as I am a tinkerer at heart and rarely stop until something is working the way I'd like it to. I get the principle of what's going on but I've always had a mental block about it.

I would really appreciate it if someone could give me a walkthrough, a step-by-step tutorial. I'm not interested in links to tutorials as I have a ton of them and have walked through it all. What I would really like is a bit of handholding if one of you could find it in your heart to help me out. I think the problem is that I've always blindly followed tutorials on this and never had it sit exactly right in my head so that when it goes wrong I draw a blank and then give up.

So what do you guys say...anyone got it in their heart to teach this old dog new tricks?

[nmset]

This is how I got it working.

1. Create a private/public key pair on your client host, you are named local. So in session local

Code:

ssh-keygen

In ~/.ssh/ , you'll have the private key id_rsa and the public key id_rsa.pub

2. Connect to the remote machine as usual, you are named remote there.
Check in what file the SSH server stores authorized public keys.

Code:

grep -i auth /etc/ssh/sshd_config

You'll have

AuthorizedKeysFile .ssh/authorized_keys
OR
AuthorizedKeysFile .ssh/authorized_keys2

by default. If the file doesn't exist in ~/.ssh/ just create it and append the public key generated on the local machine.

3. On the local machine, let ssh-agent start a new bash session :

Code:

ssh-agent bash

4. Then load your default private key :

Code:

ssh-add

You are prompted for the passphrase. You can check it is loaded issuing

Code:

ssh-add -l

To remove it later on

Code:

ssh-add -d

5. Now if you connect to remote server, you should no longer be prompted for any credentials. The remote server must be configured for public/private key authentication though.

6. When you are done, close the bash session opened by ssh-agent

Code:

exit

[bigtomrodney]

Thank you very much...I'm pleased to say that worked first time for me. I think I understand a bit more about what I was doing wrong too. I was getting hung up on the keys and what part went where but really I was neglecting the ssh-agent part (I think).

I'm now comfortably connecting from my Android phone remotely without any prompt

[nmset]

Make sure your private key and passphrase are not sucked out by your phone services provider ! Securiy is paranoid stuff, right ? LOL !