You can pre-cache all your SSH keys with the ssh-agent by running: ssh-add If you only sleep your mac, never restart it, you can go long periods of time without needing to enter your password. This agent will cache the keypair the first time you use it so you only have to enter your password once in a while. To make it easier to use the key without having to enter the password every time, OS X runs an ssh-agent process in the background on your machine. Use disk encryption on your Mac and keep the permissions on the file and the ~/.ssh/ directory tight. Password protecting the key file ensure they'd need to know the password for that key to use it. Please note, anyone who gets a hold of your ~/.ssh/id_rsa file can ssh to this machine as root without supplying a password for the remote machine. Repeat the above for every machine you want to ssh in to with your keys instead of a password. Read on for how to make this something you don't need to enter all the time. Assuming the remote server's sshd is setup to do public-private key authentication, when you ssh to the box now it shouldn't ask you for a password for the root account - instead it'll ask you for the password for your key. You'll have to enter the password for to perform this copy, but this should be the last time you need to do this. Now, assuming your ssh key exists on your Mac as ~/.ssh/id_rsa.pub, you can install it on a remote machine by running: cat ~/.ssh/id_rsa.pub | ssh "mkdir -p ~/.ssh & cat > ~/.ssh/authorized_keys"įor your specific server example cited above, the command would look like: cat ~/.ssh/id_rsa.pub | ssh -p 2200 "mkdir -p ~/.ssh & cat > ~/.ssh/authorized_keys" If you already have keypair you can skip the step above. When it asks if you want to protect the key with a passphrase say YES! It's bad practice to not password-protect your keys and I'll show you how to only have to enter the password once in a while. As long as they have public key authentication enabled, and your public key is present on the remote machine, you can ssh to the machines without having to supply a password.įirst you'll need to generate a public/private keypair like so: ssh-keygen -t rsaįollow the prompts. You can copy your public key to the remote machines.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |