All My Brain Where stuff from my brain lands

February 13, 2009

Quick SSH Tip

Filed under: System Administration — Tags: , , — Dennis @ 3:11 pm

I’d wager many of you know this already. Having done this a couple times the last two days though, I thought I’d add it for those that don’t. Maybe it’s useful to someone.

Problem: You want to log into a remote server with SSH and you don’t want to type a password. You know about key pairs and authorized_keys and are ready to copy your public key. You might be tempted to do it like this:

  1. SCP your identity to the remote machine (have to type your password again).
  2. ssh to the remote server (have to type your password again)
  3. append the public id to the authorized keys file
  4. delete the copied file
  5. Exit
  6. try the keyless login

Here is where you can save a few steps. You can append the file with ssh instead of copying the file over with scp. This saves you a login and typing your password once.

cat | ssh remote_server "cat >> [path to user home]/.ssh/authorized_keys[2]"

There. Type your password once for the copy and then test the passwordless login.


  1. Also useful is the ForwardAgent option in your $HOME/.ssh/config. If you ssh to machine A w/ a key, and then want to go from A to machine B (which also knows about your key), you’d normally need your private key copied to machine A. But ForwardAgent, in combination with an ssh-agent on your machine, tells machine A to forward B’s authentication negotiation stuff back to your local ssh-agent. In short, you can go from A to whatever other machines you want (and from those machines to still other machines) without copying your private key all over.

    Comment by eggyknap — February 13, 2009 @ 3:57 pm

  2. OpenSSH has a tool to copy your ssh key to remote hosts: ssh-copy-id(1)

    No need to cat your .pub and | it through SSH.

    Comment by Yorokobi — February 13, 2009 @ 4:00 pm

  3. Both of those are great followup tips. Thanks!

    Comment by Dennis — February 13, 2009 @ 4:02 pm

  4. Another excellent SSH tool: ControlPath

    In your .ssh/config add

    Host *
    ControlMaster auto
    ControlPath ~/.ssh/master-%r@%h:%p

    If you ever have to SSH to the same host simultaneously, this will save loads of time.

    What it does: I SSH to machine A and do some work but I need a separate shell opened to machine A to do concurrent work so I SSH in again. With ControlPath the new session uses the current one–you log in in an instant.

    Yes, GNU Screen can accomplish the same thing, but if you SSH as one user, then sudo su – , this is a great solution.

    My $0.02

    Comment by Yorokobi — February 13, 2009 @ 4:05 pm

  5. […] Muhlestein posted a quick ssh tip, and then a couple of really neat gems emerged in the comments. For the sake of those who […]

    Pingback by ssh tricks | The Fugue — February 14, 2009 @ 12:18 am

RSS feed for comments on this post. TrackBack URL

Leave a comment

Powered by WordPress

%d bloggers like this: