SSH Password-less login – Linux

Sometimes you need to give automatic scripts access to another box for things like RSYNC.  These will usually fail asking for a password unless you do a bit of extra work.

To setup passwordless login you need to do the following, under the user account that you want password-less login from. Eg. If you are running cron scripts as root ( which isn’t usually advisable, you would need to do this from the root account )

:~$ ssh-keygen
Generating public/private rsa key pair
Enter file in which to save the key (/home/username/.ssh/id_rsa):  << Accept default which should be your home dir.
Enter passphrase ( empty for no passphrase ): << Make sure you don’t set a password here  or it will prompt for a password which defeats the purpose of what we are doing
Enter same passphrase again:
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.
The key fingerprint is: …

Next you need to copy this key to the server you want to connect to. When you run this command make sure you connect using the account you want to use as password-less login.
Eg, due to the security risks of having password-less login, you may want a highly restricted account to be the only one with access like this

:~$ ssh-copy-id remoteusername@servername
remoteusername@servername’s password:
Now try logging into the machine, with “ssh ‘remoteusername@servername'”, and check in:
~/.ssh/authorized_keys
to make sure we haven’t added extra keys that you weren’t expecting.

After you have done this, you should be able to do things like
ssh remoteusername@servername

It should log you in without asking for a password. This becomes really useful when you want to do automatic RSYNC commands.

One example of usage is, I have a Raspberry Pi monitoring my Solar Inverter. This constantly logs to CSV files on the Pi. My main server then does an RSYNC every few minutes to get the latest data for graphing.