SSH to Server Without Entering Password From Mac (OS X): it is a known method and we use it in practice, but problems are common. We think you should read our guide Managing Multiple SSH Keys Through Command Line before reading this one. It may sound harsh to command the reader to “read this”, but it is impossible to know the reader's level of knowledge. The reader may know more than the writer, or may be a new user. SSH to a server without entering a password sounds great, but the user should also have a good idea of the probable risks.
SSH to Server Without Entering Password From Mac (OS X) : How the Thing Works
Normally, when we SSH to a server, if the private key is already stored (or not conflicting), we get this kind of response:
If you dig a bit, you will come across the complex interaction between `ssh-agent`, `ssh-add`, `keychain` and `Keychain Access.app`. `ssh-agent` is the piece that you want to get working, as it does exactly what we want. The agent runs as a daemon, and when we “add” a private key to it, it remembers that key and automatically provides it to the remote `sshd` during the initial connection. `ssh-add` is simply the command you need to run to manually add a private key to `ssh-agent`.
---
Since OS X Leopard, we shouldn’t ever have to run `ssh-agent` or `ssh-add` manually. It should happen automatically when we attempt to connect to a server. Once per key, it should prompt us with a UI password dialog, which (among other things) will allow us to automatically add the key to the `ssh-agent` so that we never get prompted again. This is handled by a `launchd` configuration that listens for connections on the `$SSH_AUTH_SOCK` socket and automatically launches `ssh-agent` when it first needs to; after that, `ssh-agent` prompts you for credentials only when it needs to open a new key. Recall being prompted to save the RSA key the first time.
Unfortunately, it usually does not work; otherwise we would not have had to write a longer guide.
SSH to Server Without Entering Password From Mac (OS X) : Configure it Rightly
So, as you have understood, we are just enabling a feature. You should open this file to check:

```
/System/Library/LaunchAgents/org.openbsd.ssh-agent.plist
```
In case you fail to find any issue, do the steps in the order we have described. For each and every private key, make sure that the corresponding public key is also present in your `~/.ssh` directory. Make sure the public key is named exactly the same as the private key but with `.pub` at the end. If you already had an appropriate public key, try regenerating it.
If you need to recreate the public keys, you can do so easily:

```shell
ssh-keygen -y -f ~/.ssh/my_key > ~/.ssh/my_key.pub
```
If nothing works, follow these steps:

```shell
ssh-keygen -t rsa
# ssh-keygen will then ask where to store the key; the default
# (~/.ssh/id_rsa, with the public key in ~/.ssh/id_rsa.pub) will
# work fine
# ssh-keygen then asks you to enter a passphrase; enter a passphrase
```
Copy the newly created public key to the SSH server you want to log in to automatically. Do not overwrite `~/.ssh/authorized_keys`. If such an accident happens, the only way to access the server via SSH will be from the same network.

```shell
# If authorized_keys exists
cat ~/.ssh/id_rsa.pub | ssh root@IP "cat - >> ~/.ssh/authorized_keys"
# If authorized_keys does not exist
scp ~/.ssh/id_rsa.pub root@IP:~/.ssh/authorized_keys
# we assumed root is the user
# note that we used scp
```
You will probably need to change the permissions too:

```shell
chmod 0700 ~/.ssh
chmod 0600 ~/.ssh/authorized_keys
```
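The two checks this guide asks for, a `.pub` file next to every private key and the 0700/0600 permissions, can be run as one audit over a directory such as `~/.ssh` (on the Mac for the key pairs, on the server for `authorized_keys`). This is an added example, not part of the original article; the function names and finding labels are hypothetical, and the demo directory is constructed.

```shell
#!/bin/sh
# Added example (not from the original article). Function names and finding
# labels (BAD_MODE, NO_PUBKEY, MISSING_DIR) are hypothetical.

# Print a file's permission bits in octal: GNU stat first, then BSD/macOS stat.
mode_of() {
    stat -c %a "$1" 2>/dev/null || stat -f %Lp "$1"
}

# audit_ssh_dir DIR: print one line per finding, nothing if DIR is clean.
audit_ssh_dir() {
    dir=$1
    if [ ! -d "$dir" ]; then
        echo "MISSING_DIR $dir"
        return 0
    fi
    if [ "$(mode_of "$dir")" != "700" ]; then
        echo "BAD_MODE $dir (want 700)"
    fi
    if [ -f "$dir/authorized_keys" ] &&
       [ "$(mode_of "$dir/authorized_keys")" != "600" ]; then
        echo "BAD_MODE $dir/authorized_keys (want 600)"
    fi
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        case "$f" in *.pub) continue ;; esac
        # Private keys start with a PEM header such as
        # "-----BEGIN OPENSSH PRIVATE KEY-----".
        if head -n 1 "$f" | grep -q -e '-----BEGIN .*PRIVATE KEY-----'; then
            if [ ! -f "$f.pub" ]; then
                echo "NO_PUBKEY $f (expected $f.pub)"
            fi
        fi
    done
    return 0
}

# Demo on a constructed directory; the "keys" hold only a header line.
demo() {
    d=$(mktemp -d)
    chmod 0755 "$d"
    echo '-----BEGIN OPENSSH PRIVATE KEY-----' > "$d/my_key"
    echo '-----BEGIN OPENSSH PRIVATE KEY-----' > "$d/id_rsa"
    echo 'ssh-rsa AAAA-constructed-sample' > "$d/id_rsa.pub"
    audit_ssh_dir "$d"
    rm -rf "$d"
}
demo
```

A `NO_PUBKEY` finding is fixed with the `ssh-keygen -y -f` command shown earlier, and a `BAD_MODE` finding with the `chmod` commands above.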
The basics are the same as what we do for GitHub:

https://help.github.com/articles/working-with-ssh-key-passphrases